diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2023-08-27 20:52:45 +0200 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2023-08-27 21:45:14 +0200 |
| commit | dfb8d3379f73de254a56b7b80d00fa19023cfd58 (patch) | |
| tree | a9f500744b912df3a82ba4e8de532df57bc8c45f | |
| parent | a7bd3570b03f6b2fdc9bab09c956193708723cbf (diff) | |
bump libnDPI to 1f693c3f5a5dcd9d69dffb610b9a81bd33f95382
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
905 files changed, 10287 insertions, 1481 deletions
diff --git a/libnDPI b/libnDPI -Subproject 2b230e28e0612e8654ad617534deb9aaaabd51b +Subproject 1f693c3f5a5dcd9d69dffb610b9a81bd33f9538 @@ -1325,7 +1325,7 @@ static struct nDPId_workflow * init_workflow(char const * const file_or_device) pcap_freecode(&fp); } - ndpi_init_prefs init_prefs = ndpi_no_prefs | ndpi_dont_load_gambling_list; + ndpi_init_prefs init_prefs = ndpi_no_prefs; workflow->ndpi_struct = ndpi_init_detection_module(init_prefs); if (workflow->ndpi_struct == NULL) { diff --git a/test/results/caches_cfg/ookla.pcap.out b/test/results/caches_cfg/ookla.pcap.out index e89191121..af4587458 100644 --- a/test/results/caches_cfg/ookla.pcap.out +++ b/test/results/caches_cfg/ookla.pcap.out @@ -61,9 +61,9 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7625096 bytes -~~ total memory freed........: 7625096 bytes -~~ total allocations/frees...: 142877/142877 +~~ total memory allocated....: 7798209 bytes +~~ total memory freed........: 7798209 bytes +~~ total allocations/frees...: 146558/146558 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 1402 chars diff --git a/test/results/caches_cfg/teams.pcap.out b/test/results/caches_cfg/teams.pcap.out index 9c349e5e6..88fc5fbe3 100644 --- a/test/results/caches_cfg/teams.pcap.out +++ b/test/results/caches_cfg/teams.pcap.out @@ -686,9 +686,9 @@ ~~ total active/idle flows...: 83/83 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8723821 bytes -~~ total memory freed........: 8723821 bytes -~~ total allocations/frees...: 145490/145490 +~~ total memory allocated....: 8898782 bytes +~~ total memory freed........: 8898782 bytes +~~ total allocations/frees...: 149171/149171 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 298 chars ~~ json string max len.......: 2504 chars diff --git a/test/results/default/1kxun.pcap.out b/test/results/default/1kxun.pcap.out index bee0d0703..46fc02d28 100644 --- a/test/results/default/1kxun.pcap.out +++ b/test/results/default/1kxun.pcap.out @@ -1290,9 +1290,9 @@ ~~ total active/idle flows...: 197/197 ~~ total timeout flows.......: 20 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8140447 bytes -~~ total memory freed........: 8140447 bytes -~~ total allocations/frees...: 147334/147334 +~~ total memory allocated....: 8318144 bytes +~~ total memory freed........: 8318144 bytes +~~ total allocations/frees...: 151015/151015 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 11852 chars diff --git a/test/results/default/443-chrome.pcap.out b/test/results/default/443-chrome.pcap.out index 99cddc22f..aa0b7d88a 100644 --- a/test/results/default/443-chrome.pcap.out +++ b/test/results/default/443-chrome.pcap.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7595837 bytes -~~ total memory freed........: 7595837 bytes -~~ total allocations/frees...: 142692/142692 +~~ total memory allocated....: 7768830 bytes +~~ total memory freed........: 7768830 bytes +~~ total allocations/frees...: 146373/146373 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 2505 chars diff --git a/test/results/default/443-curl.pcap.out b/test/results/default/443-curl.pcap.out index f12ccc115..9b782e343 100644 --- a/test/results/default/443-curl.pcap.out +++ b/test/results/default/443-curl.pcap.out @@ -20,9 +20,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7603888 bytes -~~ total memory freed........: 7603888 bytes -~~ total allocations/frees...: 142807/142807 +~~ total memory allocated....: 7776881 bytes +~~ total memory freed........: 7776881 bytes +~~ total allocations/frees...: 146488/146488 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2167 chars diff --git a/test/results/default/443-firefox.pcap.out b/test/results/default/443-firefox.pcap.out index 99d55dd69..020513cf6 100644 --- a/test/results/default/443-firefox.pcap.out +++ b/test/results/default/443-firefox.pcap.out @@ -20,9 +20,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7620124 bytes -~~ total memory freed........: 7620124 bytes -~~ total allocations/frees...: 143366/143366 +~~ total memory allocated....: 7793117 bytes +~~ total memory freed........: 7793117 bytes +~~ total allocations/frees...: 147047/147047 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 517 chars ~~ json string max len.......: 2182 chars diff --git a/test/results/default/443-git.pcap.out b/test/results/default/443-git.pcap.out index 7cc344ae3..dcd8c08e0 100644 --- a/test/results/default/443-git.pcap.out +++ b/test/results/default/443-git.pcap.out @@ -20,9 +20,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7606273 bytes -~~ total memory freed........: 7606273 bytes -~~ total allocations/frees...: 142770/142770 +~~ total memory allocated....: 7779266 bytes +~~ total memory freed........: 7779266 bytes +~~ total allocations/frees...: 146451/146451 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2459 chars diff --git a/test/results/default/443-opvn.pcap.out b/test/results/default/443-opvn.pcap.out index 796d22887..80943fd03 100644 --- a/test/results/default/443-opvn.pcap.out +++ b/test/results/default/443-opvn.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7597142 bytes -~~ total memory freed........: 7597142 bytes -~~ total allocations/frees...: 142737/142737 +~~ total memory allocated....: 7770135 bytes +~~ total memory freed........: 7770135 bytes +~~ total allocations/frees...: 146418/146418 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2200 chars diff --git a/test/results/default/443-safari.pcap.out b/test/results/default/443-safari.pcap.out index e7c6ad560..3d5514201 100644 --- a/test/results/default/443-safari.pcap.out +++ b/test/results/default/443-safari.pcap.out @@ -20,9 +20,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7601946 bytes -~~ total memory freed........: 7601946 bytes -~~ total allocations/frees...: 142739/142739 +~~ total memory allocated....: 7774939 bytes +~~ total memory freed........: 7774939 bytes +~~ total allocations/frees...: 146420/146420 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 2164 chars diff --git a/test/results/default/4in4tunnel.pcap.out b/test/results/default/4in4tunnel.pcap.out index b99bcffe4..fb83e3fab 100644 --- a/test/results/default/4in4tunnel.pcap.out +++ b/test/results/default/4in4tunnel.pcap.out @@ -23,9 +23,9 @@ ~~ total active/idle flows...: 0/0 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7591636 bytes -~~ total memory freed........: 7591636 bytes -~~ total allocations/frees...: 142679/142679 +~~ total memory allocated....: 7764605 bytes +~~ total memory freed........: 7764605 bytes +~~ total allocations/frees...: 146360/146360 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 303 chars ~~ json string max len.......: 582 chars diff --git a/test/results/default/4in6tunnel.pcap.out b/test/results/default/4in6tunnel.pcap.out index 285fedf28..a27ac8881 100644 --- a/test/results/default/4in6tunnel.pcap.out +++ b/test/results/default/4in6tunnel.pcap.out @@ -16,9 +16,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593876 bytes -~~ total memory freed........: 7593876 bytes -~~ total allocations/frees...: 142694/142694 +~~ total memory allocated....: 7766869 bytes +~~ total memory freed........: 7766869 bytes +~~ total allocations/frees...: 146375/146375 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 2494 chars diff --git a/test/results/default/6in4tunnel.pcap.out b/test/results/default/6in4tunnel.pcap.out index 655d9ffb1..f1d2db0a3 100644 --- a/test/results/default/6in4tunnel.pcap.out +++ b/test/results/default/6in4tunnel.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7597443 bytes -~~ total memory freed........: 7597443 bytes -~~ total allocations/frees...: 142817/142817 +~~ total memory allocated....: 7770436 bytes +~~ total memory freed........: 7770436 bytes +~~ total allocations/frees...: 146498/146498 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 2020 chars diff --git a/test/results/default/6in6tunnel.pcap.out b/test/results/default/6in6tunnel.pcap.out index b5fde6af5..519f4e795 100644 --- a/test/results/default/6in6tunnel.pcap.out +++ b/test/results/default/6in6tunnel.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7595942 bytes -~~ total memory freed........: 7595942 bytes -~~ total allocations/frees...: 142703/142703 +~~ total memory allocated....: 7768959 bytes +~~ total memory freed........: 7768959 bytes +~~ total allocations/frees...: 146384/146384 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 998 chars diff --git a/test/results/default/BGP_Cisco_hdlc_slarp.pcap.out b/test/results/default/BGP_Cisco_hdlc_slarp.pcap.out index 7979fb786..eed51a90f 100644 --- a/test/results/default/BGP_Cisco_hdlc_slarp.pcap.out +++ b/test/results/default/BGP_Cisco_hdlc_slarp.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594166 bytes -~~ total memory freed........: 7594166 bytes -~~ total allocations/frees...: 142704/142704 +~~ total memory allocated....: 7767159 bytes +~~ total memory freed........: 7767159 bytes +~~ total allocations/frees...: 146385/146385 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 526 chars ~~ json string max len.......: 980 chars diff --git a/test/results/default/BGP_redist.pcap.out b/test/results/default/BGP_redist.pcap.out index 9834eb43e..00290073d 100644 --- a/test/results/default/BGP_redist.pcap.out +++ b/test/results/default/BGP_redist.pcap.out @@ -15,9 +15,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593789 bytes -~~ total memory freed........: 7593789 bytes -~~ total allocations/frees...: 142691/142691 +~~ total memory allocated....: 7766782 bytes +~~ total memory freed........: 7766782 bytes +~~ total allocations/frees...: 146372/146372 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 301 chars ~~ json string max len.......: 1090 chars diff --git a/test/results/default/EAQ.pcap.out b/test/results/default/EAQ.pcap.out index b01cc644f..7c6708ab3 100644 --- a/test/results/default/EAQ.pcap.out +++ b/test/results/default/EAQ.pcap.out @@ -275,9 +275,9 @@ ~~ total active/idle flows...: 31/31 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7663402 bytes -~~ total memory freed........: 7663402 bytes -~~ total allocations/frees...: 143230/143230 +~~ total memory allocated....: 7837115 bytes +~~ total memory freed........: 7837115 bytes +~~ total allocations/frees...: 146911/146911 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 1206 chars diff --git a/test/results/default/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out b/test/results/default/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out index 7d140194e..a980717d4 100644 --- a/test/results/default/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out +++ b/test/results/default/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out @@ -58,9 +58,9 @@ ~~ total active/idle flows...: 5/5 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7647264 bytes -~~ total memory freed........: 7647264 bytes -~~ total allocations/frees...: 144286/144286 +~~ total memory allocated....: 7820353 bytes +~~ total memory freed........: 7820353 bytes +~~ total allocations/frees...: 147967/147967 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 534 chars ~~ json string max len.......: 2357 chars diff --git a/test/results/default/IEC104.pcap.out b/test/results/default/IEC104.pcap.out index eeb220606..fc0f5c95c 100644 --- a/test/results/default/IEC104.pcap.out +++ b/test/results/default/IEC104.pcap.out @@ -23,9 +23,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596319 bytes -~~ total memory freed........: 7596319 bytes -~~ total allocations/frees...: 142716/142716 +~~ total memory allocated....: 7769336 bytes +~~ total memory freed........: 7769336 bytes +~~ total allocations/frees...: 146397/146397 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 1103 chars diff --git a/test/results/default/KakaoTalk_chat.pcap.out b/test/results/default/KakaoTalk_chat.pcap.out index 44635019f..37752d3cb 100644 --- a/test/results/default/KakaoTalk_chat.pcap.out +++ b/test/results/default/KakaoTalk_chat.pcap.out @@ -246,7 +246,7 @@ 00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/KakaoTalk_chat.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1430069030703253,"flow_src_last_pkt_time":1430069030703253,"flow_dst_last_pkt_time":1430069030748175,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":74,"midstream":0,"thread_ts_usec":1430069073299933,"l3_proto":"ip4","src_ip":"10.24.82.188","dst_ip":"10.188.1.1","src_port":24596,"dst_port":53,"l4_proto":"udp","flow_datalink":113,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.Facebook","proto_id":"5.119","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":14,"category":"Network"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/KakaoTalk_chat.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1430069022252722,"flow_src_last_pkt_time":1430069022252722,"flow_dst_last_pkt_time":1430069022295691,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":37,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":37,"flow_dst_max_l4_payload_len":53,"flow_src_tot_l4_payload_len":37,"flow_dst_tot_l4_payload_len":53,"midstream":0,"thread_ts_usec":1430069073299933,"l3_proto":"ip4","src_ip":"10.24.82.188","dst_ip":"10.188.1.1","src_port":43077,"dst_port":53,"l4_proto":"udp","flow_datalink":113,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.KakaoTalk","proto_id":"5.193","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01091{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/KakaoTalk_chat.pcap","alias":"nDPId-test","flow_id":37,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1430069060011328,"flow_src_last_pkt_time":1430069060011328,"flow_dst_last_pkt_time":1430069060011328,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":27,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":27,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":27,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1430069073299933,"l3_proto":"ip4","src_ip":"10.24.82.188","dst_ip":"216.58.220.174","src_port":49217,"dst_port":443,"l4_proto":"tcp","flow_datalink":113,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} -00981{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/KakaoTalk_chat.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":17,"flow_dst_packets_processed":9,"flow_first_seen":1430069022297766,"flow_src_last_pkt_time":1430069069068885,"flow_dst_last_pkt_time":1430069068969947,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":589,"flow_dst_max_l4_payload_len":206,"flow_src_tot_l4_payload_len":1067,"flow_dst_tot_l4_payload_len":1075,"midstream":0,"thread_ts_usec":1430069073299933,"l3_proto":"ip4","src_ip":"10.24.82.188","dst_ip":"103.246.57.251","src_port":51021,"dst_port":8080,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"HTTP_Proxy","proto_id":"131","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"","http": {}}} +01108{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/KakaoTalk_chat.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":17,"flow_dst_packets_processed":9,"flow_first_seen":1430069022297766,"flow_src_last_pkt_time":1430069069068885,"flow_dst_last_pkt_time":1430069068969947,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":589,"flow_dst_max_l4_payload_len":206,"flow_src_tot_l4_payload_len":1067,"flow_dst_tot_l4_payload_len":1075,"midstream":0,"thread_ts_usec":1430069073299933,"l3_proto":"ip4","src_ip":"10.24.82.188","dst_ip":"103.246.57.251","src_port":51021,"dst_port":8080,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"confidence": {"1":"Match by port"},"proto":"HTTP_Proxy","proto_id":"131","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"","http": {}}} 00799{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/KakaoTalk_chat.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":17,"flow_dst_packets_processed":9,"flow_first_seen":1430069022297766,"flow_src_last_pkt_time":1430069069068885,"flow_dst_last_pkt_time":1430069068969947,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":589,"flow_dst_max_l4_payload_len":206,"flow_src_tot_l4_payload_len":1067,"flow_dst_tot_l4_payload_len":1075,"midstream":0,"thread_ts_usec":1430069073299933,"l3_proto":"ip4","src_ip":"10.24.82.188","dst_ip":"103.246.57.251","src_port":51021,"dst_port":8080,"l4_proto":"tcp","flow_datalink":113,"flow_max_packets":5} 00799{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/KakaoTalk_chat.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":14,"flow_first_seen":1430069030121588,"flow_src_last_pkt_time":1430069041457495,"flow_dst_last_pkt_time":1430069041381385,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":373,"flow_dst_max_l4_payload_len":1280,"flow_src_tot_l4_payload_len":1288,"flow_dst_tot_l4_payload_len":4298,"midstream":0,"thread_ts_usec":1430069073299933,"l3_proto":"ip4","src_ip":"10.24.82.188","dst_ip":"210.103.240.15","src_port":37821,"dst_port":443,"l4_proto":"tcp","flow_datalink":113,"flow_max_packets":5} 00971{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/KakaoTalk_chat.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1430069031230994,"flow_src_last_pkt_time":1430069031230994,"flow_dst_last_pkt_time":1430069031281714,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":43,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":43,"flow_dst_max_l4_payload_len":86,"flow_src_tot_l4_payload_len":43,"flow_dst_tot_l4_payload_len":86,"midstream":0,"thread_ts_usec":1430069073299933,"l3_proto":"ip4","src_ip":"10.24.82.188","dst_ip":"10.188.1.1","src_port":14650,"dst_port":53,"l4_proto":"udp","flow_datalink":113,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS","proto_id":"5","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} @@ -276,9 +276,9 @@ ~~ total active/idle flows...: 38/38 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7810654 bytes -~~ total memory freed........: 7810654 bytes -~~ total allocations/frees...: 143672/143672 +~~ total memory allocated....: 7984535 bytes +~~ total memory freed........: 7984535 bytes +~~ total allocations/frees...: 147353/147353 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 520 chars ~~ json string max len.......: 2369 chars diff --git a/test/results/default/KakaoTalk_talk.pcap.out b/test/results/default/KakaoTalk_talk.pcap.out index 544387856..f6d744152 100644 --- a/test/results/default/KakaoTalk_talk.pcap.out +++ b/test/results/default/KakaoTalk_talk.pcap.out @@ -150,9 +150,9 @@ ~~ total active/idle flows...: 20/20 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7752194 bytes -~~ total memory freed........: 7752194 bytes -~~ total allocations/frees...: 146135/146135 +~~ total memory allocated....: 7925643 bytes +~~ total memory freed........: 7925643 bytes +~~ total allocations/frees...: 149816/149816 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 520 chars ~~ json string max len.......: 2713 chars diff --git a/test/results/default/NTPv2.pcap.out b/test/results/default/NTPv2.pcap.out index 45aa7f63c..a23668d47 100644 --- a/test/results/default/NTPv2.pcap.out +++ b/test/results/default/NTPv2.pcap.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593789 bytes -~~ total memory freed........: 7593789 bytes -~~ total allocations/frees...: 142691/142691 +~~ total memory allocated....: 7766782 bytes +~~ total memory freed........: 7766782 bytes +~~ total allocations/frees...: 146372/146372 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 1087 chars diff --git a/test/results/default/NTPv3.pcap.out b/test/results/default/NTPv3.pcap.out index f12bd2638..2fbe62899 100644 --- a/test/results/default/NTPv3.pcap.out +++ b/test/results/default/NTPv3.pcap.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593789 bytes -~~ total memory freed........: 7593789 bytes -~~ total allocations/frees...: 142691/142691 +~~ total memory allocated....: 7766782 bytes +~~ total memory freed........: 7766782 bytes +~~ total allocations/frees...: 146372/146372 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 1084 chars diff --git a/test/results/default/NTPv4.pcap.out b/test/results/default/NTPv4.pcap.out index 8a6f92ab4..a2661e06f 100644 --- a/test/results/default/NTPv4.pcap.out +++ b/test/results/default/NTPv4.pcap.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593789 bytes -~~ total memory freed........: 7593789 bytes -~~ total allocations/frees...: 142691/142691 +~~ total memory allocated....: 7766782 bytes +~~ total memory freed........: 7766782 bytes +~~ total allocations/frees...: 146372/146372 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 1084 chars diff --git a/test/results/default/Oscar.pcap.out b/test/results/default/Oscar.pcap.out index 7dcd4e8cb..8bb87d35d 100644 --- a/test/results/default/Oscar.pcap.out +++ b/test/results/default/Oscar.pcap.out @@ -7,7 +7,7 @@ 00954{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/Oscar.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1434606464214174,"flow_dst_last_pkt_time":1434606464205135,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":369,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":369,"pkt_l4_len":335,"thread_ts_usec":1434606464214174,"pkt":"AAxCW5ILDE3pmjdICABFAAFj5HlAAEAGAAAKHh0Dsu0Y+fd9Abu9oGym\/y\/obVAY\/\/\/0XAAAKgEAAQE1AAAAAQAGAQDAL2FMGcSooK2hg1pwKT53sKDoduPb+pVMVmF3auA4+lts9U9vjoLabxM5VNiUPY2roddLvW\/u4U3Enuyzf2H4CSSbQm8iBkapQTu8c2TzBLX2GBOxENE75GcVDApRTIZrsuhMIo+NtcdludDMRv\/Rk0pGDHpwd746jdCghhvdNc6tSyvMqZzjDMFAhWjDxFLH3NlgzgadRoRqZYGyIGf2CdzkBuhAgpIJ+e3+uFHKG8fX286u1t2I8fyfkICXpXqm39sHPirpBLDKZWQQ9qpfBgteizOZrfbiDcpDvQpPjUlEQ0HssoqjinyJB403pbIFWr6R\/2ab7HMDL+S\/wrdoAAMADEFkaXVtLzEuNS4xMAAXAAIAFAAYAAIANAAZAAIAAAAaAAIMGABKAAED"} 00540{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/Oscar.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1434606464214174,"flow_dst_last_pkt_time":1434606464247559,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":64,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":64,"pkt_l4_len":30,"thread_ts_usec":1434606464247559,"pkt":"DE3pmjdIAAxCW5ILCABFAAAyd\/lAAG8GoMWy7Rj5Ch4dAwG7933\/L+htvaBsplAYQAAuDQAAKgEZigAEAAAAAQ=="} 01999{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/Oscar.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":19,"flow_dst_packets_processed":13,"flow_first_seen":1434606464176482,"flow_src_last_pkt_time":1434606524600171,"flow_dst_last_pkt_time":1434606524130160,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":315,"flow_dst_max_l4_payload_len":1360,"flow_src_tot_l4_payload_len":1138,"flow_dst_tot_l4_payload_len":3047,"midstream":0,"thread_ts_usec":1434606524600171,"l3_proto":"ip4","src_ip":"10.30.29.3","dst_ip":"178.237.24.249","src_port":63357,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":3,"avg":3883141.0,"max":58215154,"stddev":14267685.0,"var":203566836875264.0,"ent":1.3,"data": [28653,28776,8916,42424,33521,518,478,147,33511,33418,288,33636,843,34123,226,44565,44326,32783,32790,157,115,322,31348,31096,58175544,58215154,3,39626,1457397,1490083,502580]},"pktlen": {"min":40,"avg":172.5,"max":1400,"stddev":263.3,"var":69345.6,"ent":4.0,"data": [64,46,40,355,50,40,605,40,92,130,40,56,1400,337,40,66,46,152,497,40,270,40,252,46,335,76,46,78,40,78,46,76]},"bins": {"c_to_s": [11,4,0,1,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [6,1,1,0,0,0,0,1,0,1,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0]},"directions": [0,1,0,0,1,0,1,0,0,1,0,0,1,1,0,0,1,0,1,0,1,0,0,1,0,0,1,1,0,0,1,0],"entropies": [4.441382408,4.871388912,4.661769390,7.090702057,4.724371910,4.661769390,5.245636463,4.661769390,4.009517670,4.346171379,4.611769676,4.280395031,3.817430019,3.863874197,4.611769676,4.309496880,4.501398563,3.542632341,4.154665947,4.611769676,3.726292849,4.611769199,5.504406452,4.457919598,3.418277502,4.801239491,4.544876099,5.035846710,4.611769676,4.478143215,4.501398087,4.761171341]}} -00930{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/Oscar.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":38,"flow_dst_packets_processed":33,"flow_first_seen":1434606464176482,"flow_src_last_pkt_time":1434606536630487,"flow_dst_last_pkt_time":1434606536630387,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":315,"flow_dst_max_l4_payload_len":1360,"flow_src_tot_l4_payload_len":1504,"flow_dst_tot_l4_payload_len":3946,"midstream":0,"thread_ts_usec":1434606536630487,"l3_proto":"ip4","src_ip":"10.30.29.3","dst_ip":"178.237.24.249","src_port":63357,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} +01057{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/Oscar.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":38,"flow_dst_packets_processed":33,"flow_first_seen":1434606464176482,"flow_src_last_pkt_time":1434606536630487,"flow_dst_last_pkt_time":1434606536630387,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":315,"flow_dst_max_l4_payload_len":1360,"flow_src_tot_l4_payload_len":1504,"flow_dst_tot_l4_payload_len":3946,"midstream":0,"thread_ts_usec":1434606536630487,"l3_proto":"ip4","src_ip":"10.30.29.3","dst_ip":"178.237.24.249","src_port":63357,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00785{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/Oscar.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":38,"flow_dst_packets_processed":33,"flow_first_seen":1434606464176482,"flow_src_last_pkt_time":1434606536630487,"flow_dst_last_pkt_time":1434606536630387,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":315,"flow_dst_max_l4_payload_len":1360,"flow_src_tot_l4_payload_len":1504,"flow_dst_tot_l4_payload_len":3946,"midstream":0,"thread_ts_usec":1434606536630487,"l3_proto":"ip4","src_ip":"10.30.29.3","dst_ip":"178.237.24.249","src_port":63357,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00578{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/Oscar.pcap","alias":"nDPId-test","packets-captured":71,"packets-processed":71,"total-skipped-flows":0,"total-l4-payload-len":5450,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":1,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":12,"global_ts_usec":1434606536630487} ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7597867 bytes -~~ total memory freed........: 7597867 bytes -~~ total allocations/frees...: 142762/142762 +~~ total memory allocated....: 7770860 bytes +~~ total memory freed........: 7770860 bytes +~~ total allocations/frees...: 146443/146443 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 2004 chars diff --git a/test/results/default/TivoDVR.pcap.out b/test/results/default/TivoDVR.pcap.out index c0fd4ac46..9d9772fb6 100644 --- a/test/results/default/TivoDVR.pcap.out +++ b/test/results/default/TivoDVR.pcap.out @@ -14,9 +14,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593790 bytes -~~ total memory freed........: 7593790 bytes -~~ total allocations/frees...: 142691/142691 +~~ total memory allocated....: 7766783 bytes +~~ total memory freed........: 7766783 bytes +~~ total allocations/frees...: 146372/146372 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 1093 chars diff --git a/test/results/default/WebattackRCE.pcap.out b/test/results/default/WebattackRCE.pcap.out index 2f7e9283a..50e2dd604 100644 --- a/test/results/default/WebattackRCE.pcap.out +++ b/test/results/default/WebattackRCE.pcap.out @@ -3197,9 +3197,9 @@ ~~ total active/idle flows...: 797/797 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 9458708 bytes -~~ total memory freed........: 9458708 bytes -~~ total allocations/frees...: 156814/156814 +~~ total memory allocated....: 9650805 bytes +~~ total memory freed........: 9650805 bytes +~~ total allocations/frees...: 160495/160495 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 518 chars ~~ json string max len.......: 1892 chars diff --git a/test/results/default/WebattackSQLinj.pcap.out b/test/results/default/WebattackSQLinj.pcap.out index 987bd4df5..bfdfa17c2 100644 --- a/test/results/default/WebattackSQLinj.pcap.out +++ b/test/results/default/WebattackSQLinj.pcap.out @@ -81,9 +81,9 @@ ~~ total active/idle flows...: 9/9 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7616993 bytes -~~ total memory freed........: 7616993 bytes -~~ total allocations/frees...: 142955/142955 +~~ total memory allocated....: 7790178 bytes +~~ total memory freed........: 7790178 bytes +~~ total allocations/frees...: 146636/146636 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 521 chars ~~ json string max len.......: 1507 chars diff --git a/test/results/default/WebattackXSS.pcap.out b/test/results/default/WebattackXSS.pcap.out index 40eb6370e..ec0a2122a 100644 --- a/test/results/default/WebattackXSS.pcap.out +++ b/test/results/default/WebattackXSS.pcap.out @@ -5311,9 +5311,9 @@ ~~ total active/idle flows...: 661/661 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 9276297 bytes -~~ total memory freed........: 9276297 bytes -~~ total allocations/frees...: 159496/159496 +~~ total memory allocated....: 9465130 bytes +~~ total memory freed........: 9465130 bytes +~~ total allocations/frees...: 163177/163177 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 518 chars ~~ json string max len.......: 2577 chars diff --git a/test/results/default/activision.pcap.out b/test/results/default/activision.pcap.out index 716e524a0..9bb987293 100644 --- a/test/results/default/activision.pcap.out +++ b/test/results/default/activision.pcap.out @@ -44,9 +44,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7601872 bytes -~~ total memory freed........: 7601872 bytes -~~ total allocations/frees...: 142783/142783 +~~ total memory allocated....: 7774937 bytes +~~ total memory freed........: 7774937 bytes +~~ total allocations/frees...: 146464/146464 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 1101 chars diff --git a/test/results/default/adult_content.pcap.out b/test/results/default/adult_content.pcap.out index 79bfecc06..ec5299ab2 100644 --- a/test/results/default/adult_content.pcap.out +++ b/test/results/default/adult_content.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594485 bytes -~~ total memory freed........: 7594485 bytes -~~ total allocations/frees...: 142715/142715 +~~ total memory allocated....: 7767478 bytes +~~ total memory freed........: 7767478 bytes +~~ total allocations/frees...: 146396/146396 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 1195 chars diff --git a/test/results/default/afp.pcap.out b/test/results/default/afp.pcap.out index 45b4785a9..6230b0b14 100644 --- a/test/results/default/afp.pcap.out +++ b/test/results/default/afp.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594224 bytes -~~ total memory freed........: 7594224 bytes -~~ total allocations/frees...: 142706/142706 +~~ total memory allocated....: 7767217 bytes +~~ total memory freed........: 7767217 bytes +~~ total allocations/frees...: 146387/146387 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 1099 chars diff --git a/test/results/default/agora-sd-rtn.pcap.out b/test/results/default/agora-sd-rtn.pcap.out index 4f1c9c2c7..dd3c0ea99 100644 --- a/test/results/default/agora-sd-rtn.pcap.out +++ b/test/results/default/agora-sd-rtn.pcap.out @@ -244,9 +244,9 @@ ~~ total active/idle flows...: 26/26 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7658547 bytes -~~ total memory freed........: 7658547 bytes -~~ total allocations/frees...: 143368/143368 +~~ total memory allocated....: 7832140 bytes +~~ total memory freed........: 7832140 bytes +~~ total allocations/frees...: 147049/147049 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 518 chars ~~ json string max len.......: 2185 chars diff --git a/test/results/default/ah.pcapng.out b/test/results/default/ah.pcapng.out index 53c88639d..51535ecc8 100644 --- a/test/results/default/ah.pcapng.out +++ b/test/results/default/ah.pcapng.out @@ -21,9 +21,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596058 bytes -~~ total memory freed........: 7596058 bytes -~~ total allocations/frees...: 142707/142707 +~~ total memory allocated....: 7769075 bytes +~~ total memory freed........: 7769075 bytes +~~ total allocations/frees...: 146388/146388 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 1076 chars diff --git a/test/results/default/ajp.pcap.out b/test/results/default/ajp.pcap.out index ff6a5f487..61b8f1e8d 100644 --- a/test/results/default/ajp.pcap.out +++ b/test/results/default/ajp.pcap.out @@ -49,9 +49,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596638 bytes -~~ total memory freed........: 7596638 bytes -~~ total allocations/frees...: 142727/142727 +~~ total memory allocated....: 7769655 bytes +~~ total memory freed........: 7769655 bytes +~~ total allocations/frees...: 146408/146408 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 313 chars ~~ json string max len.......: 1513 chars diff --git a/test/results/default/alexa-app.pcapng.out b/test/results/default/alexa-app.pcapng.out index ab74a142f..fa5cefec4 100644 --- a/test/results/default/alexa-app.pcapng.out +++ b/test/results/default/alexa-app.pcapng.out @@ -1428,9 +1428,9 @@ ~~ total active/idle flows...: 160/160 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8719046 bytes -~~ total memory freed........: 8719046 bytes -~~ total allocations/frees...: 148405/148405 +~~ total memory allocated....: 8895855 bytes +~~ total memory freed........: 8895855 bytes +~~ total allocations/frees...: 152086/152086 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 300 chars ~~ json string max len.......: 2508 chars diff --git a/test/results/default/alicloud.pcap.out b/test/results/default/alicloud.pcap.out index 15758024a..a61bfa55a 100644 --- a/test/results/default/alicloud.pcap.out +++ b/test/results/default/alicloud.pcap.out @@ -141,9 +141,9 @@ ~~ total active/idle flows...: 15/15 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7660741 bytes -~~ total memory freed........: 7660741 bytes -~~ total allocations/frees...: 143084/143084 +~~ total memory allocated....: 7834070 bytes +~~ total memory freed........: 7834070 bytes +~~ total allocations/frees...: 146765/146765 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 985 chars diff --git a/test/results/default/among_us.pcap.out b/test/results/default/among_us.pcap.out index a5413c158..ecd1ec500 100644 --- a/test/results/default/among_us.pcap.out +++ b/test/results/default/among_us.pcap.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593789 bytes -~~ total memory freed........: 7593789 bytes -~~ total allocations/frees...: 142691/142691 +~~ total memory allocated....: 7766782 bytes +~~ total memory freed........: 7766782 bytes +~~ total allocations/frees...: 146372/146372 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 1082 chars diff --git a/test/results/default/amqp.pcap.out b/test/results/default/amqp.pcap.out index 94e8d2311..d5f52c662 100644 --- a/test/results/default/amqp.pcap.out +++ b/test/results/default/amqp.pcap.out @@ -34,9 +34,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7608792 bytes -~~ total memory freed........: 7608792 bytes -~~ total allocations/frees...: 142875/142875 +~~ total memory allocated....: 7781833 bytes +~~ total memory freed........: 7781833 bytes +~~ total allocations/frees...: 146556/146556 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2263 chars diff --git a/test/results/default/android.pcap.out b/test/results/default/android.pcap.out index d2ac8ece3..9133ebcbc 100644 --- a/test/results/default/android.pcap.out +++ b/test/results/default/android.pcap.out @@ -441,9 +441,9 @@ ~~ total active/idle flows...: 63/63 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7981526 bytes -~~ total memory freed........: 7981526 bytes -~~ total allocations/frees...: 144130/144130 +~~ total memory allocated....: 8156007 bytes +~~ total memory freed........: 8156007 bytes +~~ total allocations/frees...: 147811/147811 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2635 chars diff --git a/test/results/default/anyconnect-vpn.pcap.out b/test/results/default/anyconnect-vpn.pcap.out index 6fb4863c7..38327f1b6 100644 --- a/test/results/default/anyconnect-vpn.pcap.out +++ b/test/results/default/anyconnect-vpn.pcap.out @@ -465,9 +465,9 @@ ~~ total active/idle flows...: 69/69 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7850101 bytes -~~ total memory freed........: 7850101 bytes -~~ total allocations/frees...: 144106/144106 +~~ total memory allocated....: 8024726 bytes +~~ total memory freed........: 8024726 bytes +~~ total allocations/frees...: 147787/147787 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 520 chars ~~ json string max len.......: 2780 chars diff --git a/test/results/default/anydesk.pcapng.out b/test/results/default/anydesk.pcapng.out index 611c5dd03..19a3d3f81 100644 --- a/test/results/default/anydesk.pcapng.out +++ b/test/results/default/anydesk.pcapng.out @@ -73,9 +73,9 @@ ~~ total active/idle flows...: 7/7 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7658037 bytes -~~ total memory freed........: 7658037 bytes -~~ total allocations/frees...: 142966/142966 +~~ total memory allocated....: 7831174 bytes +~~ total memory freed........: 7831174 bytes +~~ total allocations/frees...: 146647/146647 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2677 chars diff --git a/test/results/default/avast.pcap.out b/test/results/default/avast.pcap.out index 7c0b36265..271785814 100644 --- a/test/results/default/avast.pcap.out +++ b/test/results/default/avast.pcap.out @@ -107,9 +107,9 @@ ~~ total active/idle flows...: 10/10 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7637474 bytes -~~ total memory freed........: 7637474 bytes -~~ total allocations/frees...: 142941/142941 +~~ total memory allocated....: 7810683 bytes +~~ total memory freed........: 7810683 bytes +~~ total allocations/frees...: 146622/146622 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 966 chars diff --git a/test/results/default/avast_securedns.pcapng.out b/test/results/default/avast_securedns.pcapng.out index 537b5bee1..fd1780128 100644 --- a/test/results/default/avast_securedns.pcapng.out +++ b/test/results/default/avast_securedns.pcapng.out @@ -224,9 +224,9 @@ ~~ total active/idle flows...: 39/39 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7676705 bytes -~~ total memory freed........: 7676705 bytes -~~ total allocations/frees...: 143185/143185 +~~ total memory allocated....: 7850610 bytes +~~ total memory freed........: 7850610 bytes +~~ total allocations/frees...: 146866/146866 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 523 chars ~~ json string max len.......: 1118 chars diff --git a/test/results/default/bacnet.pcap.out b/test/results/default/bacnet.pcap.out index d16d21f53..59ed17128 100644 --- a/test/results/default/bacnet.pcap.out +++ b/test/results/default/bacnet.pcap.out @@ -63,9 +63,9 @@ ~~ total active/idle flows...: 10/10 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7613543 bytes -~~ total memory freed........: 7613543 bytes -~~ total allocations/frees...: 142812/142812 +~~ total memory allocated....: 7786752 bytes +~~ total memory freed........: 7786752 bytes +~~ total allocations/frees...: 146493/146493 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 1104 chars diff --git a/test/results/default/bad-dns-traffic.pcap.out b/test/results/default/bad-dns-traffic.pcap.out index 614cebc1d..12257bf33 100644 --- a/test/results/default/bad-dns-traffic.pcap.out +++ b/test/results/default/bad-dns-traffic.pcap.out @@ -45,9 +45,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7609410 bytes -~~ total memory freed........: 7609410 bytes -~~ total allocations/frees...: 143100/143100 +~~ total memory allocated....: 7782451 bytes +~~ total memory freed........: 7782451 bytes +~~ total allocations/frees...: 146781/146781 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 521 chars ~~ json string max len.......: 2494 chars diff --git a/test/results/default/badpackets.pcap.out b/test/results/default/badpackets.pcap.out index 8e32da5f5..b42a7366a 100644 --- a/test/results/default/badpackets.pcap.out +++ b/test/results/default/badpackets.pcap.out @@ -200,9 +200,9 @@ ~~ total active/idle flows...: 0/0 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7591636 bytes -~~ total memory freed........: 7591636 bytes -~~ total allocations/frees...: 142679/142679 +~~ total memory allocated....: 7764605 bytes +~~ total memory freed........: 7764605 bytes +~~ total allocations/frees...: 146360/146360 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 320 chars ~~ json string max len.......: 2335 chars diff --git a/test/results/default/bitcoin.pcap.out b/test/results/default/bitcoin.pcap.out index fb58935ac..ce3c2ae1b 100644 --- a/test/results/default/bitcoin.pcap.out +++ b/test/results/default/bitcoin.pcap.out @@ -64,9 +64,9 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7622853 bytes -~~ total memory freed........: 7622853 bytes -~~ total allocations/frees...: 143382/143382 +~~ total memory allocated....: 7795966 bytes +~~ total memory freed........: 7795966 bytes +~~ total allocations/frees...: 147063/147063 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2493 chars diff --git a/test/results/default/bittorrent.pcap.out b/test/results/default/bittorrent.pcap.out index b70ec24b2..0ff4ca148 100644 --- a/test/results/default/bittorrent.pcap.out +++ b/test/results/default/bittorrent.pcap.out @@ -170,9 +170,9 @@ ~~ total active/idle flows...: 24/24 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7696339 bytes -~~ total memory freed........: 7696339 bytes -~~ total allocations/frees...: 143264/143264 +~~ total memory allocated....: 7869884 bytes +~~ total memory freed........: 7869884 bytes +~~ total allocations/frees...: 146945/146945 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 2508 chars diff --git a/test/results/default/bittorrent_tcp_miss.pcapng.out b/test/results/default/bittorrent_tcp_miss.pcapng.out index cb291096d..445482497 100644 --- a/test/results/default/bittorrent_tcp_miss.pcapng.out +++ b/test/results/default/bittorrent_tcp_miss.pcapng.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7598708 bytes -~~ total memory freed........: 7598708 bytes -~~ total allocations/frees...: 142791/142791 +~~ total memory allocated....: 7771701 bytes +~~ total memory freed........: 7771701 bytes +~~ total allocations/frees...: 146472/146472 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 527 chars ~~ json string max len.......: 2336 chars diff --git a/test/results/default/bittorrent_utp.pcap.out b/test/results/default/bittorrent_utp.pcap.out index d3352705e..76410d39b 100644 --- a/test/results/default/bittorrent_utp.pcap.out +++ b/test/results/default/bittorrent_utp.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596254 bytes -~~ total memory freed........: 7596254 bytes -~~ total allocations/frees...: 142776/142776 +~~ total memory allocated....: 7769247 bytes +~~ total memory freed........: 7769247 bytes +~~ total allocations/frees...: 146457/146457 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 520 chars ~~ json string max len.......: 2377 chars diff --git a/test/results/default/bjnp.pcap.out b/test/results/default/bjnp.pcap.out index a678ff29f..8c444dd83 100644 --- a/test/results/default/bjnp.pcap.out +++ b/test/results/default/bjnp.pcap.out @@ -49,9 +49,9 @@ ~~ total active/idle flows...: 10/10 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7613166 bytes -~~ total memory freed........: 7613166 bytes -~~ total allocations/frees...: 142799/142799 +~~ total memory allocated....: 7786375 bytes +~~ total memory freed........: 7786375 bytes +~~ total allocations/frees...: 146480/146480 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 1095 chars diff --git a/test/results/default/bot.pcap.out b/test/results/default/bot.pcap.out index 2d01576c8..cde8d70ec 100644 --- a/test/results/default/bot.pcap.out +++ b/test/results/default/bot.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7605647 bytes -~~ total memory freed........: 7605647 bytes -~~ total allocations/frees...: 143098/143098 +~~ total memory allocated....: 7778640 bytes +~~ total memory freed........: 7778640 bytes +~~ total allocations/frees...: 146779/146779 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 2255 chars diff --git a/test/results/default/bt-dns.pcap.out b/test/results/default/bt-dns.pcap.out index f7faaa04b..9f05cb005 100644 --- a/test/results/default/bt-dns.pcap.out +++ b/test/results/default/bt-dns.pcap.out @@ -14,9 +14,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593818 bytes -~~ total memory freed........: 7593818 bytes -~~ total allocations/frees...: 142692/142692 +~~ total memory allocated....: 7766811 bytes +~~ total memory freed........: 7766811 bytes +~~ total allocations/frees...: 146373/146373 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 1155 chars diff --git a/test/results/default/bt-http.pcapng.out b/test/results/default/bt-http.pcapng.out index f98c629dc..01baa9579 100644 --- a/test/results/default/bt-http.pcapng.out +++ b/test/results/default/bt-http.pcapng.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594780 bytes -~~ total memory freed........: 7594780 bytes -~~ total allocations/frees...: 142719/142719 +~~ total memory allocated....: 7767773 bytes +~~ total memory freed........: 7767773 bytes +~~ total allocations/frees...: 146400/146400 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 1317 chars diff --git a/test/results/default/bt_search.pcap.out b/test/results/default/bt_search.pcap.out index 042dae742..585c003a4 100644 --- a/test/results/default/bt_search.pcap.out +++ b/test/results/default/bt_search.pcap.out @@ -14,9 +14,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593790 bytes -~~ total memory freed........: 7593790 bytes -~~ total allocations/frees...: 142691/142691 +~~ total memory allocated....: 7766783 bytes +~~ total memory freed........: 7766783 bytes +~~ total allocations/frees...: 146372/146372 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 969 chars diff --git a/test/results/default/cachefly.pcapng.out b/test/results/default/cachefly.pcapng.out index 270bc946a..93570954b 100644 --- a/test/results/default/cachefly.pcapng.out +++ b/test/results/default/cachefly.pcapng.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7643428 bytes -~~ total memory freed........: 7643428 bytes -~~ total allocations/frees...: 142761/142761 +~~ total memory allocated....: 7816421 bytes +~~ total memory freed........: 7816421 bytes +~~ total allocations/frees...: 146442/146442 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 2707 chars diff --git a/test/results/default/capwap.pcap.out b/test/results/default/capwap.pcap.out index 7ea226763..cc12eb57f 100644 --- a/test/results/default/capwap.pcap.out +++ b/test/results/default/capwap.pcap.out @@ -76,9 +76,9 @@ ~~ total active/idle flows...: 5/5 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7613713 bytes -~~ total memory freed........: 7613713 bytes -~~ total allocations/frees...: 143129/143129 +~~ total memory allocated....: 7786802 bytes +~~ total memory freed........: 7786802 bytes +~~ total allocations/frees...: 146810/146810 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 297 chars ~~ json string max len.......: 2383 chars diff --git a/test/results/default/capwap_data.pcapng.out b/test/results/default/capwap_data.pcapng.out index d6421dc8d..bec36a4da 100644 --- a/test/results/default/capwap_data.pcapng.out +++ b/test/results/default/capwap_data.pcapng.out @@ -37,9 +37,9 @@ ~~ total active/idle flows...: 0/0 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7591636 bytes -~~ total memory freed........: 7591636 bytes -~~ total allocations/frees...: 142679/142679 +~~ total memory allocated....: 7764605 bytes +~~ total memory freed........: 7764605 bytes +~~ total allocations/frees...: 146360/146360 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 306 chars ~~ json string max len.......: 738 chars diff --git a/test/results/default/cassandra.pcap.out b/test/results/default/cassandra.pcap.out index 3e343c448..d01024d94 100644 --- a/test/results/default/cassandra.pcap.out +++ b/test/results/default/cassandra.pcap.out @@ -27,9 +27,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7608274 bytes -~~ total memory freed........: 7608274 bytes -~~ total allocations/frees...: 142989/142989 +~~ total memory allocated....: 7781291 bytes +~~ total memory freed........: 7781291 bytes +~~ total allocations/frees...: 146670/146670 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2202 chars diff --git a/test/results/default/check_mk_new.pcap.out b/test/results/default/check_mk_new.pcap.out index bcba30552..6ec4682d1 100644 --- a/test/results/default/check_mk_new.pcap.out +++ b/test/results/default/check_mk_new.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596602 bytes -~~ total memory freed........: 7596602 bytes -~~ total allocations/frees...: 142788/142788 +~~ total memory allocated....: 7769595 bytes +~~ total memory freed........: 7769595 bytes +~~ total allocations/frees...: 146469/146469 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 518 chars ~~ json string max len.......: 2133 chars diff --git a/test/results/default/chrome.pcap.out b/test/results/default/chrome.pcap.out index 8152a3e25..97432c189 100644 --- a/test/results/default/chrome.pcap.out +++ b/test/results/default/chrome.pcap.out @@ -63,9 +63,9 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7794837 bytes -~~ total memory freed........: 7794837 bytes -~~ total allocations/frees...: 142922/142922 +~~ total memory allocated....: 7967950 bytes +~~ total memory freed........: 7967950 bytes +~~ total allocations/frees...: 146603/146603 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 1409 chars diff --git a/test/results/default/citrix.pcap.out b/test/results/default/citrix.pcap.out index 548b47c14..3108e02be 100644 --- a/test/results/default/citrix.pcap.out +++ b/test/results/default/citrix.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596660 bytes -~~ total memory freed........: 7596660 bytes -~~ total allocations/frees...: 142790/142790 +~~ total memory allocated....: 7769653 bytes +~~ total memory freed........: 7769653 bytes +~~ total allocations/frees...: 146471/146471 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 500 chars ~~ json string max len.......: 2056 chars diff --git a/test/results/default/cloudflare-warp.pcap.out b/test/results/default/cloudflare-warp.pcap.out index db1c2a247..210b8800a 100644 --- a/test/results/default/cloudflare-warp.pcap.out +++ b/test/results/default/cloudflare-warp.pcap.out @@ -69,9 +69,9 @@ ~~ total active/idle flows...: 8/8 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7632954 bytes -~~ total memory freed........: 7632954 bytes -~~ total allocations/frees...: 142855/142855 +~~ total memory allocated....: 7806115 bytes +~~ total memory freed........: 7806115 bytes +~~ total allocations/frees...: 146536/146536 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 521 chars ~~ json string max len.......: 1547 chars diff --git a/test/results/default/coap_mqtt.pcap.out b/test/results/default/coap_mqtt.pcap.out index 956d47e79..b02caaf2f 100644 --- a/test/results/default/coap_mqtt.pcap.out +++ b/test/results/default/coap_mqtt.pcap.out @@ -127,9 +127,9 @@ ~~ total active/idle flows...: 16/16 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7665132 bytes -~~ total memory freed........: 7665132 bytes -~~ total allocations/frees...: 143939/143939 +~~ total memory allocated....: 7838485 bytes +~~ total memory freed........: 7838485 bytes +~~ total allocations/frees...: 147620/147620 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2431 chars diff --git a/test/results/default/collectd.pcap.out b/test/results/default/collectd.pcap.out index 4951b92d3..17faab7b4 100644 --- a/test/results/default/collectd.pcap.out +++ b/test/results/default/collectd.pcap.out @@ -80,9 +80,9 @@ ~~ total active/idle flows...: 9/9 ~~ total timeout flows.......: 3 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7613017 bytes -~~ total memory freed........: 7613017 bytes -~~ total allocations/frees...: 142856/142856 +~~ total memory allocated....: 7786202 bytes +~~ total memory freed........: 7786202 bytes +~~ total allocations/frees...: 146537/146537 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2401 chars diff --git a/test/results/default/corba.pcap.out b/test/results/default/corba.pcap.out index 67fc4e456..ecab46ddb 100644 --- a/test/results/default/corba.pcap.out +++ b/test/results/default/corba.pcap.out @@ -33,9 +33,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604790 bytes -~~ total memory freed........: 7604790 bytes -~~ total allocations/frees...: 142737/142737 +~~ total memory allocated....: 7777831 bytes +~~ total memory freed........: 7777831 bytes +~~ total allocations/frees...: 146418/146418 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 1190 chars diff --git a/test/results/default/cpha.pcap.out b/test/results/default/cpha.pcap.out index c049c13d7..8d05fd24a 100644 --- a/test/results/default/cpha.pcap.out +++ b/test/results/default/cpha.pcap.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593761 bytes -~~ total memory freed........: 7593761 bytes -~~ total allocations/frees...: 142690/142690 +~~ total memory allocated....: 7766754 bytes +~~ total memory freed........: 7766754 bytes +~~ total allocations/frees...: 146371/146371 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 950 chars diff --git a/test/results/default/crawler_false_positive.pcapng.out b/test/results/default/crawler_false_positive.pcapng.out index c22a330db..cd5fe5e1f 100644 --- a/test/results/default/crawler_false_positive.pcapng.out +++ b/test/results/default/crawler_false_positive.pcapng.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594213 bytes -~~ total memory freed........: 7594213 bytes -~~ total allocations/frees...: 142707/142707 +~~ total memory allocated....: 7767206 bytes +~~ total memory freed........: 7767206 bytes +~~ total allocations/frees...: 146388/146388 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 530 chars ~~ json string max len.......: 1093 chars diff --git a/test/results/default/crynet.pcap.out b/test/results/default/crynet.pcap.out index 940393ba1..8605f505b 100644 --- a/test/results/default/crynet.pcap.out +++ b/test/results/default/crynet.pcap.out @@ -44,9 +44,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7601872 bytes -~~ total memory freed........: 7601872 bytes -~~ total allocations/frees...: 142783/142783 +~~ total memory allocated....: 7774937 bytes +~~ total memory freed........: 7774937 bytes +~~ total allocations/frees...: 146464/146464 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 1100 chars diff --git a/test/results/default/custom_rules_same-ip_multiple_ports.pcapng.out b/test/results/default/custom_rules_same-ip_multiple_ports.pcapng.out index 83cde6ed8..876a53e2c 100644 --- a/test/results/default/custom_rules_same-ip_multiple_ports.pcapng.out +++ b/test/results/default/custom_rules_same-ip_multiple_ports.pcapng.out @@ -7,23 +7,30 @@ 00798{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1680119137435431,"flow_src_last_pkt_time":1680119137435431,"flow_dst_last_pkt_time":1680119137435431,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1680119137435431,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.3.3.3","src_port":59682,"dst_port":444,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1680119137435431,"flow_dst_last_pkt_time":1680119137435431,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1680119137435431,"pkt":"ILAB4IZiNObXAhsnCABFAAA8LchAAEAGRFHAqAH1AwMDA+kiAbwrwl9OAAAAAKAC+vDI0QAAAgQFtAQCCAqoD5jGAAAAAAEDAwc="} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1680119138460059,"flow_dst_last_pkt_time":1680119137435431,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1680119138460059,"pkt":"ILAB4IZiNObXAhsnCABFAAA8LclAAEAGRFDAqAH1AwMDA+kiAbwrwl9OAAAAAKAC+vDI0QAAAgQFtAQCCAqoD5zHAAAAAAEDAwc="} -01069{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":1680119132471406,"flow_src_last_pkt_time":1680119135516058,"flow_dst_last_pkt_time":1680119132471406,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1680119138460059,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.3.3.3","src_port":56866,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} -00799{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":1680119132471406,"flow_src_last_pkt_time":1680119135516058,"flow_dst_last_pkt_time":1680119132471406,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1680119138460059,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.3.3.3","src_port":56866,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -01011{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1680119137435431,"flow_src_last_pkt_time":1680119138460059,"flow_dst_last_pkt_time":1680119137435431,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1680119138460059,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.3.3.3","src_port":59682,"dst_port":444,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00799{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1680119137435431,"flow_src_last_pkt_time":1680119138460059,"flow_dst_last_pkt_time":1680119137435431,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1680119138460059,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.3.3.3","src_port":59682,"dst_port":444,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00604{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","packets-captured":5,"packets-processed":5,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":1,"total-guessed-flows":1,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":2,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":14,"global_ts_usec":1680119138460059} +00602{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","packets-captured":6,"packets-processed":5,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":2,"total-active-flows":2,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":10,"global_ts_usec":1690371375710832} +00798{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690371375710832,"flow_src_last_pkt_time":1690371375710832,"flow_dst_last_pkt_time":1690371375710832,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690371375710832,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.3.3.3","src_port":58288,"dst_port":446,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1690371375710832,"flow_dst_last_pkt_time":1690371375710832,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1690371375710832,"pkt":"ILAB4IZiNObXAhsnCABFAAA8o61AAEAGzmvAqAH1AwMDA+OwAb5KplVKAAAAAKAC+vDI0QAAAgQFtAQCCApUfTfYAAAAAAEDAwc="} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_src_last_pkt_time":1690371376732151,"flow_dst_last_pkt_time":1690371375710832,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1690371376732151,"pkt":"ILAB4IZiNObXAhsnCABFAAA8o65AAEAGzmrAqAH1AwMDA+OwAb5KplVKAAAAAKAC+vDI0QAAAgQFtAQCCApUfTvVAAAAAAEDAwc="} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_src_last_pkt_time":1690371378748110,"flow_dst_last_pkt_time":1690371375710832,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1690371378748110,"pkt":"ILAB4IZiNObXAhsnCABFAAA8o69AAEAGzmnAqAH1AwMDA+OwAb5KplVKAAAAAKAC+vDI0QAAAgQFtAQCCApUfUO1AAAAAAEDAwc="} +01011{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":1690371375710832,"flow_src_last_pkt_time":1690371378748110,"flow_dst_last_pkt_time":1690371375710832,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690371378748110,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.3.3.3","src_port":58288,"dst_port":446,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00799{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":1690371375710832,"flow_src_last_pkt_time":1690371378748110,"flow_dst_last_pkt_time":1690371375710832,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690371378748110,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.3.3.3","src_port":58288,"dst_port":446,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +01069{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":1680119132471406,"flow_src_last_pkt_time":1680119135516058,"flow_dst_last_pkt_time":1680119132471406,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690371378748110,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.3.3.3","src_port":56866,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} +00799{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":1680119132471406,"flow_src_last_pkt_time":1680119135516058,"flow_dst_last_pkt_time":1680119132471406,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690371378748110,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.3.3.3","src_port":56866,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +01011{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1680119137435431,"flow_src_last_pkt_time":1680119138460059,"flow_dst_last_pkt_time":1680119137435431,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690371378748110,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.3.3.3","src_port":59682,"dst_port":444,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00799{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1680119137435431,"flow_src_last_pkt_time":1680119138460059,"flow_dst_last_pkt_time":1680119137435431,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690371378748110,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.3.3.3","src_port":59682,"dst_port":444,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00604{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/custom_rules_same-ip_multiple_ports.pcapng","alias":"nDPId-test","packets-captured":8,"packets-processed":8,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":2,"total-guessed-flows":1,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":3,"total-idle-flows":3,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":21,"global_ts_usec":1690371378748110} ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ -~~ packets captured/processed: 5/5 +~~ packets captured/processed: 8/8 ~~ skipped flows.............: 0 ~~ total layer4 data length..: 0 bytes ~~ total detected protocols..: 0 -~~ total active/idle flows...: 2/2 -~~ total timeout flows.......: 0 +~~ total active/idle flows...: 3/3 +~~ total timeout flows.......: 2 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596113 bytes -~~ total memory freed........: 7596113 bytes -~~ total allocations/frees...: 142709/142709 +~~ total memory allocated....: 7771421 bytes +~~ total memory freed........: 7771421 bytes +~~ total allocations/frees...: 146406/146406 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 543 chars ~~ json string max len.......: 1074 chars -~~ json string avg len.......: 803 chars +~~ json string avg len.......: 806 chars diff --git a/test/results/default/dazn.pcapng.out b/test/results/default/dazn.pcapng.out index c57abb75c..b314ee17b 100644 --- a/test/results/default/dazn.pcapng.out +++ b/test/results/default/dazn.pcapng.out @@ -33,9 +33,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7610728 bytes -~~ total memory freed........: 7610728 bytes -~~ total allocations/frees...: 142736/142736 +~~ total memory allocated....: 7783769 bytes +~~ total memory freed........: 7783769 bytes +~~ total allocations/frees...: 146417/146417 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2497 chars diff --git a/test/results/default/dcerpc.pcap.out b/test/results/default/dcerpc.pcap.out index 6894fb187..c8eb6dae1 100644 --- a/test/results/default/dcerpc.pcap.out +++ b/test/results/default/dcerpc.pcap.out @@ -35,9 +35,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7600596 bytes -~~ total memory freed........: 7600596 bytes -~~ total allocations/frees...: 142739/142739 +~~ total memory allocated....: 7773661 bytes +~~ total memory freed........: 7773661 bytes +~~ total allocations/frees...: 146420/146420 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 1808 chars diff --git a/test/results/default/dhcp-fuzz.pcapng.out b/test/results/default/dhcp-fuzz.pcapng.out index d43ffae3a..671d54ff4 100644 --- a/test/results/default/dhcp-fuzz.pcapng.out +++ b/test/results/default/dhcp-fuzz.pcapng.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593761 bytes -~~ total memory freed........: 7593761 bytes -~~ total allocations/frees...: 142690/142690 +~~ total memory allocated....: 7766754 bytes +~~ total memory freed........: 7766754 bytes +~~ total allocations/frees...: 146371/146371 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 517 chars ~~ json string max len.......: 1004 chars diff --git a/test/results/default/diameter.pcap.out b/test/results/default/diameter.pcap.out index 7beed3c9c..e12a1117e 100644 --- a/test/results/default/diameter.pcap.out +++ b/test/results/default/diameter.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593934 bytes -~~ total memory freed........: 7593934 bytes -~~ total allocations/frees...: 142696/142696 +~~ total memory allocated....: 7766927 bytes +~~ total memory freed........: 7766927 bytes +~~ total allocations/frees...: 146377/146377 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 1107 chars diff --git a/test/results/default/discord.pcap.out b/test/results/default/discord.pcap.out index 753b4ee07..fad643597 100644 --- a/test/results/default/discord.pcap.out +++ b/test/results/default/discord.pcap.out @@ -322,9 +322,9 @@ ~~ total active/idle flows...: 34/34 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7682774 bytes -~~ total memory freed........: 7682774 bytes -~~ total allocations/frees...: 143475/143475 +~~ total memory allocated....: 7856559 bytes +~~ total memory freed........: 7856559 bytes +~~ total allocations/frees...: 147156/147156 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2458 chars diff --git a/test/results/default/discord_mid_flow.pcap.out b/test/results/default/discord_mid_flow.pcap.out index 64d3602da..ecc891ce0 100644 --- a/test/results/default/discord_mid_flow.pcap.out +++ b/test/results/default/discord_mid_flow.pcap.out @@ -41,9 +41,9 @@ ~~ total active/idle flows...: 0/0 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7591636 bytes -~~ total memory freed........: 7591636 bytes -~~ total allocations/frees...: 142679/142679 +~~ total memory allocated....: 7764605 bytes +~~ total memory freed........: 7764605 bytes +~~ total allocations/frees...: 146360/146360 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 309 chars ~~ json string max len.......: 590 chars diff --git a/test/results/default/dlt_ppp.pcap.out b/test/results/default/dlt_ppp.pcap.out index 2159bca4e..aa91cf26c 100644 --- a/test/results/default/dlt_ppp.pcap.out +++ b/test/results/default/dlt_ppp.pcap.out @@ -10,9 +10,9 @@ ~~ total active/idle flows...: 0/0 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7591636 bytes -~~ total memory freed........: 7591636 bytes -~~ total allocations/frees...: 142679/142679 +~~ total memory allocated....: 7764605 bytes +~~ total memory freed........: 7764605 bytes +~~ total allocations/frees...: 146360/146360 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 277 chars ~~ json string max len.......: 1955 chars diff --git a/test/results/default/dnp3.pcap.out b/test/results/default/dnp3.pcap.out index 99803e3a2..7246b811a 100644 --- a/test/results/default/dnp3.pcap.out +++ b/test/results/default/dnp3.pcap.out @@ -87,9 +87,9 @@ ~~ total active/idle flows...: 8/8 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7624823 bytes -~~ total memory freed........: 7624823 bytes -~~ total allocations/frees...: 143326/143326 +~~ total memory allocated....: 7797984 bytes +~~ total memory freed........: 7797984 bytes +~~ total allocations/frees...: 147007/147007 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2098 chars diff --git a/test/results/default/dns-google-nsid.pcapng.out b/test/results/default/dns-google-nsid.pcapng.out new file mode 100644 index 000000000..99a7728cb --- /dev/null +++ b/test/results/default/dns-google-nsid.pcapng.out @@ -0,0 +1,61 @@ +00518{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_usec":1690622872644843} +00815{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690622872644843,"flow_src_last_pkt_time":1690622872644843,"flow_dst_last_pkt_time":1690622872644843,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":44,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":44,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":44,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690622872644843,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:b332:20d:89ab:105e","dst_ip":"2001:4860:4860::8844","src_port":41624,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00608{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1690622872644843,"flow_dst_last_pkt_time":1690622872644843,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":106,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":106,"pkt_l4_len":52,"thread_ts_usec":1690622872644843,"pkt":"ILAB4IZiNObXAhsnht1gAfZ6ADQRQCABCwcKPcESszICDYmrEF4gAUhgSGAAAAAAAAAAAIhEopgANQA0fuyRUQEgAAEAAAAAAAEAAAIAAQAAKRAAAAAAAAAQAAMAAAAKAAjr5ips77+Grg=="} +01206{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690622872644843,"flow_src_last_pkt_time":1690622872644843,"flow_dst_last_pkt_time":1690622872644843,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":44,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":44,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":44,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690622872644843,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:b332:20d:89ab:105e","dst_ip":"2001:4860:4860::8844","src_port":41624,"dst_port":53,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS","proto_id":"5","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"","dns": {"num_queries":0,"num_answers":0,"reply_code":0,"query_type":2,"rsp_type":0,"rsp_addr":"0.0.0.0"}}} +00885{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1690622872644843,"flow_dst_last_pkt_time":1690622872652124,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":314,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":314,"pkt_l4_len":260,"thread_ts_usec":1690622872652124,"pkt":"NObXAhsnILAB4IZiht1oBYXDAQQReyABSGBIYAAAAAAAAAAAiEQgAQsHCj3BErMyAg2JqxBeADWimAEE5j2RUYGgAAEADQAAAAEAAAIAAQAAAgABAACPzQAUAWEMcm9vdC1zZXJ2ZXJzA25ldAAAAAIAAQAAj80ABAFiwB4AAAIAAQAAj80ABAFjwB4AAAIAAQAAj80ABAFkwB4AAAIAAQAAj80ABAFlwB4AAAIAAQAAj80ABAFmwB4AAAIAAQAAj80ABAFnwB4AAAIAAQAAj80ABAFowB4AAAIAAQAAj80ABAFpwB4AAAIAAQAAj80ABAFqwB4AAAIAAQAAj80ABAFrwB4AAAIAAQAAj80ABAFswB4AAAIAAQAAj80ABAFtwB4AACkCAAAAAAAADQADAAlncGRucy1taWw="} +01094{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1690622872644843,"flow_src_last_pkt_time":1690622872644843,"flow_dst_last_pkt_time":1690622872652124,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":44,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":44,"flow_dst_max_l4_payload_len":252,"flow_src_tot_l4_payload_len":44,"flow_dst_tot_l4_payload_len":252,"midstream":0,"thread_ts_usec":1690622872652124,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:b332:20d:89ab:105e","dst_ip":"2001:4860:4860::8844","src_port":41624,"dst_port":53,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNS","proto_id":"5","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"","dns": {"num_queries":1,"num_answers":14,"reply_code":0,"query_type":2,"rsp_type":2,"rsp_addr":"0.0.0.0"}}} +00583{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","packets-captured":3,"packets-processed":2,"total-skipped-flows":0,"total-l4-payload-len":296,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":1,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":8,"global_ts_usec":1690735119384155} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690735119384155,"flow_src_last_pkt_time":1690735119384155,"flow_dst_last_pkt_time":1690735119384155,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":45,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":45,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":45,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690735119384155,"l3_proto":"ip4","src_ip":"192.168.1.29","dst_ip":"8.8.4.4","src_port":58580,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00577{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1690735119384155,"flow_dst_last_pkt_time":1690735119384155,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":87,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":87,"pkt_l4_len":53,"thread_ts_usec":1690735119384155,"pkt":"EBMx8Tl2nFg8p+7MCABFAABJMKYAAEARAADAqAEdCAgEBOTUADUANc4XTRUBIAABAAAAAAABA3d3dwRudG9wA29yZwAAAQABAAApEAAAAAAAAAQAAwAA"} +01184{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690735119384155,"flow_src_last_pkt_time":1690735119384155,"flow_dst_last_pkt_time":1690735119384155,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":45,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":45,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":45,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690735119384155,"l3_proto":"ip4","src_ip":"192.168.1.29","dst_ip":"8.8.4.4","src_port":58580,"dst_port":53,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.ntop","proto_id":"5.26","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Safe","category_id":14,"category":"Network","hostname":"www.ntop.org","dns": {"num_queries":0,"num_answers":0,"reply_code":0,"query_type":1,"rsp_type":0,"rsp_addr":"0.0.0.0"}}} +00656{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1690735119384155,"flow_dst_last_pkt_time":1690735119412632,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":144,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":144,"pkt_l4_len":110,"thread_ts_usec":1690735119412632,"pkt":"nFg8p+7MEBMx8Tl2CABFAACCmWYAAHcR3DMICAQEwKgBHQA15NQAbgAATRWBgAABAAIAAAABA3d3dwRudG9wA29yZwAAAQABwAwABQABAAANrQAUEW50b3AtZGlnaXRhbG9jZWFuwBDAKgABAAEAAA4QAASyPsWCAAApAgAAAAAAAA0AAwAJZ3BkbnMtbWls"} +01078{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1690735119384155,"flow_src_last_pkt_time":1690735119384155,"flow_dst_last_pkt_time":1690735119412632,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":45,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":45,"flow_dst_max_l4_payload_len":102,"flow_src_tot_l4_payload_len":45,"flow_dst_tot_l4_payload_len":102,"midstream":0,"thread_ts_usec":1690735119412632,"l3_proto":"ip4","src_ip":"192.168.1.29","dst_ip":"8.8.4.4","src_port":58580,"dst_port":53,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.ntop","proto_id":"5.26","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Safe","category_id":14,"category":"Network","hostname":"www.ntop.org","dns": {"num_queries":1,"num_answers":3,"reply_code":0,"query_type":1,"rsp_type":1,"rsp_addr":"178.62.197.130"}}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690735122813182,"flow_src_last_pkt_time":1690735122813182,"flow_dst_last_pkt_time":1690735122813182,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":49,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":49,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":49,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690735122813182,"l3_proto":"ip4","src_ip":"192.168.1.29","dst_ip":"8.8.4.4","src_port":62500,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1690735122813182,"flow_dst_last_pkt_time":1690735122813182,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":91,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":91,"pkt_l4_len":57,"thread_ts_usec":1690735122813182,"pkt":"EBMx8Tl2nFg8p+7MCABFAABNjDcAAEARAADAqAEdCAgEBPQkADUAOc4byhEBIAABAAAAAAABA3d3dwl3aWtpcGVkaWECaXQAAAEAAQAAKRAAAAAAAAAEAAMAAA=="} +01194{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690735122813182,"flow_src_last_pkt_time":1690735122813182,"flow_dst_last_pkt_time":1690735122813182,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":49,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":49,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":49,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690735122813182,"l3_proto":"ip4","src_ip":"192.168.1.29","dst_ip":"8.8.4.4","src_port":62500,"dst_port":53,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Wikipedia","proto_id":"5.176","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Safe","category_id":14,"category":"Network","hostname":"www.wikipedia.it","dns": {"num_queries":0,"num_answers":0,"reply_code":0,"query_type":1,"rsp_type":0,"rsp_addr":"0.0.0.0"}}} +00776{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_src_last_pkt_time":1690735122813182,"flow_dst_last_pkt_time":1690735123083988,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":234,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":234,"pkt_l4_len":200,"thread_ts_usec":1690735123083988,"pkt":"nFg8p+7MEBMx8Tl2CABFAADce9BAADgR+G8ICAQEwKgBHQA19CQAyAAAyhGBgAABAAYAAAABA3d3dwl3aWtpcGVkaWECaXQAAAEAAcAMAAUAAQAAAlgAEQZiN2ZkN2IEeWVwYQNjb20AwC4ABQABAAACWAAfDmQyeDJyOXhpOXJkM3NjCmNsb3VkZnJvbnQDbmV0AMBLAAEAAQAAADwABGydwhzASwABAAEAAAA8AARsncI+wEsAAQABAAAAPAAEbJ3CC8BLAAEAAQAAADwABGydwhsAACkQAAAAAAAACwADAAdyMy5taWwx"} +01088{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1690735122813182,"flow_src_last_pkt_time":1690735122813182,"flow_dst_last_pkt_time":1690735123083988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":49,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":49,"flow_dst_max_l4_payload_len":192,"flow_src_tot_l4_payload_len":49,"flow_dst_tot_l4_payload_len":192,"midstream":0,"thread_ts_usec":1690735123083988,"l3_proto":"ip4","src_ip":"192.168.1.29","dst_ip":"8.8.4.4","src_port":62500,"dst_port":53,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.Wikipedia","proto_id":"5.176","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Safe","category_id":14,"category":"Network","hostname":"www.wikipedia.it","dns": {"num_queries":1,"num_answers":7,"reply_code":0,"query_type":1,"rsp_type":1,"rsp_addr":"108.157.194.28"}}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690735126272436,"flow_src_last_pkt_time":1690735126272436,"flow_dst_last_pkt_time":1690735126272436,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":50,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":50,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":50,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690735126272436,"l3_proto":"ip4","src_ip":"192.168.1.29","dst_ip":"8.8.4.4","src_port":51166,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":1690735126272436,"flow_dst_last_pkt_time":1690735126272436,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":92,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":92,"pkt_l4_len":58,"thread_ts_usec":1690735126272436,"pkt":"EBMx8Tl2nFg8p+7MCABFAABOqzkAAEARAADAqAEdCAgEBMfeADUAOs4c4G8BIAABAAAAAAABA3d3dwl3aXJlc2hhcmsDb3JnAAABAAEAACkQAAAAAAAABAADAAA="} +01187{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690735126272436,"flow_src_last_pkt_time":1690735126272436,"flow_dst_last_pkt_time":1690735126272436,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":50,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":50,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":50,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690735126272436,"l3_proto":"ip4","src_ip":"192.168.1.29","dst_ip":"8.8.4.4","src_port":51166,"dst_port":53,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS","proto_id":"5","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"www.wireshark.org","dns": {"num_queries":0,"num_answers":0,"reply_code":0,"query_type":1,"rsp_type":0,"rsp_addr":"0.0.0.0"}}} +00660{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_src_last_pkt_time":1690735126272436,"flow_dst_last_pkt_time":1690735126289473,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":147,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":147,"pkt_l4_len":113,"thread_ts_usec":1690735126289473,"pkt":"nFg8p+7MEBMx8Tl2CABFAACFnndAADgR1h8ICAQEwKgBHQA1x94AcQAA4G+BgAABAAMAAAABA3d3dwl3aXJlc2hhcmsDb3JnAAABAAHADAABAAEAAAEsAARoGgrwwAwAAQABAAABLAAEaBoL8MAMAAEAAQAAASwABKxDSycAACkQAAAAAAAACwADAAdyOS5taWwx"} +01080{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1690735126272436,"flow_src_last_pkt_time":1690735126272436,"flow_dst_last_pkt_time":1690735126289473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":50,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":50,"flow_dst_max_l4_payload_len":105,"flow_src_tot_l4_payload_len":50,"flow_dst_tot_l4_payload_len":105,"midstream":0,"thread_ts_usec":1690735126289473,"l3_proto":"ip4","src_ip":"192.168.1.29","dst_ip":"8.8.4.4","src_port":51166,"dst_port":53,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNS","proto_id":"5","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"www.wireshark.org","dns": {"num_queries":1,"num_answers":4,"reply_code":0,"query_type":1,"rsp_type":1,"rsp_addr":"104.26.10.240"}}} +01005{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1690622872644843,"flow_src_last_pkt_time":1690622872644843,"flow_dst_last_pkt_time":1690622872652124,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":44,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":44,"flow_dst_max_l4_payload_len":252,"flow_src_tot_l4_payload_len":44,"flow_dst_tot_l4_payload_len":252,"midstream":0,"thread_ts_usec":1690735126289473,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:b332:20d:89ab:105e","dst_ip":"2001:4860:4860::8844","src_port":41624,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS","proto_id":"5","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00803{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690735295405421,"flow_src_last_pkt_time":1690735295405421,"flow_dst_last_pkt_time":1690735295405421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":57,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":57,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":57,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690735295405421,"l3_proto":"ip6","src_ip":"2a03:b0c0:2:d0::360:4001","dst_ip":"2001:4860:4860::8888","src_port":46618,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00626{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_src_last_pkt_time":1690735295405421,"flow_dst_last_pkt_time":1690735295405421,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":119,"pkt_l4_len":65,"thread_ts_usec":1690735295405421,"pkt":"\/gAAAAEBknpaADBHht1gCzOhAEERQCoDsMAAAgDQAAAAAANgQAEgAUhgSGAAAAAAAAAAAIiIthoANQBBWJNj9wEgAAEAAAAAAAEDd3d3BG50b3ADb3JnAAABAAEAACkQAAAAAAAAEAADAAAACgAIiAzGOW\/kn2M="} +01208{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690735295405421,"flow_src_last_pkt_time":1690735295405421,"flow_dst_last_pkt_time":1690735295405421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":57,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":57,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":57,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690735295405421,"l3_proto":"ip6","src_ip":"2a03:b0c0:2:d0::360:4001","dst_ip":"2001:4860:4860::8888","src_port":46618,"dst_port":53,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.ntop","proto_id":"5.26","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Safe","category_id":14,"category":"Network","hostname":"www.ntop.org","dns": {"num_queries":0,"num_answers":0,"reply_code":0,"query_type":1,"rsp_type":0,"rsp_addr":"0.0.0.0"}}} +00687{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":2,"flow_src_last_pkt_time":1690735295405421,"flow_dst_last_pkt_time":1690735295421128,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":164,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":164,"pkt_l4_len":110,"thread_ts_usec":1690735295421128,"pkt":"knpaADBH\/gAAAAEBht1oASK5AG4RfCABSGBIYAAAAAAAAAAAiIgqA7DAAAIA0AAAAAADYEABADW2GgBu2etj94GAAAEAAgAAAAEDd3d3BG50b3ADb3JnAAABAAHADAAFAAEAAA0EABQRbnRvcC1kaWdpdGFsb2NlYW7AEMAqAAEAAQAADhAABLI+xYIAACkCAAAAAAAADQADAAlncGRucy1hbXM="} +01103{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1690735295405421,"flow_src_last_pkt_time":1690735295405421,"flow_dst_last_pkt_time":1690735295421128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":57,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":57,"flow_dst_max_l4_payload_len":102,"flow_src_tot_l4_payload_len":57,"flow_dst_tot_l4_payload_len":102,"midstream":0,"thread_ts_usec":1690735295421128,"l3_proto":"ip6","src_ip":"2a03:b0c0:2:d0::360:4001","dst_ip":"2001:4860:4860::8888","src_port":46618,"dst_port":53,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.ntop","proto_id":"5.26","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Safe","category_id":14,"category":"Network","hostname":"www.ntop.org","dns": {"num_queries":1,"num_answers":3,"reply_code":0,"query_type":1,"rsp_type":1,"rsp_addr":"178.62.197.130"}}} +00804{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690735295434099,"flow_src_last_pkt_time":1690735295434099,"flow_dst_last_pkt_time":1690735295434099,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":61,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":61,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":61,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690735295434099,"l3_proto":"ip6","src_ip":"2a03:b0c0:2:d0::360:4001","dst_ip":"2001:4860:4860::8888","src_port":44924,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00630{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_src_last_pkt_time":1690735295434099,"flow_dst_last_pkt_time":1690735295434099,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":123,"pkt_l4_len":69,"thread_ts_usec":1690735295434099,"pkt":"\/gAAAAEBknpaADBHht1gD2HyAEURQCoDsMAAAgDQAAAAAANgQAEgAUhgSGAAAAAAAAAAAIiIr3wANQBFWJcqoAEgAAEAAAAAAAEDd3d3CXdpa2lwZWRpYQJpdAAAAQABAAApEAAAAAAAABAAAwAAAAoACCHievNjAnWy"} +01219{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690735295434099,"flow_src_last_pkt_time":1690735295434099,"flow_dst_last_pkt_time":1690735295434099,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":61,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":61,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":61,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690735295434099,"l3_proto":"ip6","src_ip":"2a03:b0c0:2:d0::360:4001","dst_ip":"2001:4860:4860::8888","src_port":44924,"dst_port":53,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Wikipedia","proto_id":"5.176","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Safe","category_id":14,"category":"Network","hostname":"www.wikipedia.it","dns": {"num_queries":0,"num_answers":0,"reply_code":0,"query_type":1,"rsp_type":0,"rsp_addr":"0.0.0.0"}}} +00811{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":6,"flow_packet_id":2,"flow_src_last_pkt_time":1690735295434099,"flow_dst_last_pkt_time":1690735295632475,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":256,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":256,"pkt_l4_len":202,"thread_ts_usec":1690735295632475,"pkt":"knpaADBH\/gAAAAEBht1oClabAMoRfCABSGBIYAAAAAAAAAAAiIgqA7DAAAIA0AAAAAADYEABADWvfADKSl8qoIGAAAEABgAAAAEDd3d3CXdpa2lwZWRpYQJpdAAAAQABwAwABQABAAACWAARBmI3ZmQ3YgR5ZXBhA2NvbQDALgAFAAEAAAJYAB8OZDJ4MnI5eGk5cmQzc2MKY2xvdWRmcm9udANuZXQAwEsAAQABAAAAPAAEEkMnOsBLAAEAAQAAADwABBJDJxXASwABAAEAAAA8AAQSQycYwEsAAQABAAAAPAAEEkMnMwAAKQIAAAAAAAANAAMACWdwZG5zLWFtcw=="} +01110{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1690735295434099,"flow_src_last_pkt_time":1690735295434099,"flow_dst_last_pkt_time":1690735295632475,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":61,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":61,"flow_dst_max_l4_payload_len":194,"flow_src_tot_l4_payload_len":61,"flow_dst_tot_l4_payload_len":194,"midstream":0,"thread_ts_usec":1690735295632475,"l3_proto":"ip6","src_ip":"2a03:b0c0:2:d0::360:4001","dst_ip":"2001:4860:4860::8888","src_port":44924,"dst_port":53,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.Wikipedia","proto_id":"5.176","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Safe","category_id":14,"category":"Network","hostname":"www.wikipedia.it","dns": {"num_queries":1,"num_answers":7,"reply_code":0,"query_type":1,"rsp_type":1,"rsp_addr":"18.67.39.58"}}} +00804{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690735295644786,"flow_src_last_pkt_time":1690735295644786,"flow_dst_last_pkt_time":1690735295644786,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":62,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":62,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":62,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690735295644786,"l3_proto":"ip6","src_ip":"2a03:b0c0:2:d0::360:4001","dst_ip":"2001:4860:4860::8888","src_port":43660,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00634{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":7,"flow_packet_id":1,"flow_src_last_pkt_time":1690735295644786,"flow_dst_last_pkt_time":1690735295644786,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":124,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":124,"pkt_l4_len":70,"thread_ts_usec":1690735295644786,"pkt":"\/gAAAAEBknpaADBHht1gBWDQAEYRQCoDsMAAAgDQAAAAAANgQAEgAUhgSGAAAAAAAAAAAIiIqowANQBGWJj6owEgAAEAAAAAAAEDd3d3CXdpcmVzaGFyawNvcmcAAAEAAQAAKRAAAAAAAAAQAAMAAAAKAAjE69aA5X934g=="} +01212{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690735295644786,"flow_src_last_pkt_time":1690735295644786,"flow_dst_last_pkt_time":1690735295644786,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":62,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":62,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":62,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690735295644786,"l3_proto":"ip6","src_ip":"2a03:b0c0:2:d0::360:4001","dst_ip":"2001:4860:4860::8888","src_port":43660,"dst_port":53,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS","proto_id":"5","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"www.wireshark.org","dns": {"num_queries":0,"num_answers":0,"reply_code":0,"query_type":1,"rsp_type":0,"rsp_addr":"0.0.0.0"}}} +00696{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":7,"flow_packet_id":2,"flow_src_last_pkt_time":1690735295644786,"flow_dst_last_pkt_time":1690735295654626,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":169,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":169,"pkt_l4_len":115,"thread_ts_usec":1690735295654626,"pkt":"knpaADBH\/gAAAAEBht1oBdwRAHMRfCABSGBIYAAAAAAAAAAAiIgqA7DAAAIA0AAAAAADYEABADWqjABziA\/6o4GAAAEAAwAAAAEDd3d3CXdpcmVzaGFyawNvcmcAAAEAAcAMAAEAAQAAASwABGgaCvDADAABAAEAAAEsAARoGgvwwAwAAQABAAABLAAErENLJwAAKQIAAAAAAAANAAMACWdwZG5zLWFtcw=="} +01105{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1690735295644786,"flow_src_last_pkt_time":1690735295644786,"flow_dst_last_pkt_time":1690735295654626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":62,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":62,"flow_dst_max_l4_payload_len":107,"flow_src_tot_l4_payload_len":62,"flow_dst_tot_l4_payload_len":107,"midstream":0,"thread_ts_usec":1690735295654626,"l3_proto":"ip6","src_ip":"2a03:b0c0:2:d0::360:4001","dst_ip":"2001:4860:4860::8888","src_port":43660,"dst_port":53,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNS","proto_id":"5","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"www.wireshark.org","dns": {"num_queries":1,"num_answers":4,"reply_code":0,"query_type":1,"rsp_type":1,"rsp_addr":"104.26.10.240"}}} +00970{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1690735126272436,"flow_src_last_pkt_time":1690735126272436,"flow_dst_last_pkt_time":1690735126289473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":50,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":50,"flow_dst_max_l4_payload_len":105,"flow_src_tot_l4_payload_len":50,"flow_dst_tot_l4_payload_len":105,"midstream":0,"thread_ts_usec":1690735295654626,"l3_proto":"ip4","src_ip":"192.168.1.29","dst_ip":"8.8.4.4","src_port":51166,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS","proto_id":"5","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00996{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1690735295405421,"flow_src_last_pkt_time":1690735295405421,"flow_dst_last_pkt_time":1690735295421128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":57,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":57,"flow_dst_max_l4_payload_len":102,"flow_src_tot_l4_payload_len":57,"flow_dst_tot_l4_payload_len":102,"midstream":0,"thread_ts_usec":1690735295654626,"l3_proto":"ip6","src_ip":"2a03:b0c0:2:d0::360:4001","dst_ip":"2001:4860:4860::8888","src_port":46618,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.ntop","proto_id":"5.26","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Safe","category_id":14,"category":"Network"}} +01002{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1690735295434099,"flow_src_last_pkt_time":1690735295434099,"flow_dst_last_pkt_time":1690735295632475,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":61,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":61,"flow_dst_max_l4_payload_len":194,"flow_src_tot_l4_payload_len":61,"flow_dst_tot_l4_payload_len":194,"midstream":0,"thread_ts_usec":1690735295654626,"l3_proto":"ip6","src_ip":"2a03:b0c0:2:d0::360:4001","dst_ip":"2001:4860:4860::8888","src_port":44924,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.Wikipedia","proto_id":"5.176","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Safe","category_id":14,"category":"Network"}} +00978{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1690735122813182,"flow_src_last_pkt_time":1690735122813182,"flow_dst_last_pkt_time":1690735123083988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":49,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":49,"flow_dst_max_l4_payload_len":192,"flow_src_tot_l4_payload_len":49,"flow_dst_tot_l4_payload_len":192,"midstream":0,"thread_ts_usec":1690735295654626,"l3_proto":"ip4","src_ip":"192.168.1.29","dst_ip":"8.8.4.4","src_port":62500,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.Wikipedia","proto_id":"5.176","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Safe","category_id":14,"category":"Network"}} +00972{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1690735119384155,"flow_src_last_pkt_time":1690735119384155,"flow_dst_last_pkt_time":1690735119412632,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":45,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":45,"flow_dst_max_l4_payload_len":102,"flow_src_tot_l4_payload_len":45,"flow_dst_tot_l4_payload_len":102,"midstream":0,"thread_ts_usec":1690735295654626,"l3_proto":"ip4","src_ip":"192.168.1.29","dst_ip":"8.8.4.4","src_port":58580,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.ntop","proto_id":"5.26","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Safe","category_id":14,"category":"Network"}} +00994{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1690735295644786,"flow_src_last_pkt_time":1690735295644786,"flow_dst_last_pkt_time":1690735295654626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":62,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":62,"flow_dst_max_l4_payload_len":107,"flow_src_tot_l4_payload_len":62,"flow_dst_tot_l4_payload_len":107,"midstream":0,"thread_ts_usec":1690735295654626,"l3_proto":"ip6","src_ip":"2a03:b0c0:2:d0::360:4001","dst_ip":"2001:4860:4860::8888","src_port":43660,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS","proto_id":"5","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00590{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/dns-google-nsid.pcapng","alias":"nDPId-test","packets-captured":14,"packets-processed":14,"total-skipped-flows":0,"total-l4-payload-len":1422,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":7,"total-detection-updates":7,"total-updates":0,"current-active-flows":0,"total-active-flows":7,"total-idle-flows":7,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":46,"global_ts_usec":1690735295654626} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 14/14 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1422 bytes +~~ total detected protocols..: 7 +~~ total active/idle flows...: 7/7 +~~ total timeout flows.......: 0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 7780047 bytes +~~ total memory freed........: 7780047 bytes +~~ total allocations/frees...: 146451/146451 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ json string min len.......: 523 chars +~~ json string max len.......: 1224 chars +~~ json string avg len.......: 872 chars diff --git a/test/results/default/dns-invalid-chars.pcap.out b/test/results/default/dns-invalid-chars.pcap.out index 7cc0d6062..89c58b451 100644 --- a/test/results/default/dns-invalid-chars.pcap.out +++ b/test/results/default/dns-invalid-chars.pcap.out @@ -15,9 +15,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593818 bytes -~~ total memory freed........: 7593818 bytes -~~ total allocations/frees...: 142692/142692 +~~ total memory allocated....: 7766811 bytes +~~ total memory freed........: 7766811 bytes +~~ total allocations/frees...: 146373/146373 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 523 chars ~~ json string max len.......: 1317 chars diff --git a/test/results/default/dns-tunnel-iodine.pcap.out b/test/results/default/dns-tunnel-iodine.pcap.out index d1a4b5dc4..b7213f933 100644 --- a/test/results/default/dns-tunnel-iodine.pcap.out +++ b/test/results/default/dns-tunnel-iodine.pcap.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7606396 bytes -~~ total memory freed........: 7606396 bytes -~~ total allocations/frees...: 143126/143126 +~~ total memory allocated....: 7779389 bytes +~~ total memory freed........: 7779389 bytes +~~ total allocations/frees...: 146807/146807 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 523 chars ~~ json string max len.......: 2394 chars diff --git a/test/results/default/dns_ambiguous_names.pcap.out b/test/results/default/dns_ambiguous_names.pcap.out index a412a49df..b26b2d9d8 100644 --- a/test/results/default/dns_ambiguous_names.pcap.out +++ b/test/results/default/dns_ambiguous_names.pcap.out @@ -69,9 +69,9 @@ ~~ total active/idle flows...: 10/10 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7613480 bytes -~~ total memory freed........: 7613480 bytes -~~ total allocations/frees...: 142810/142810 +~~ total memory allocated....: 7786689 bytes +~~ total memory freed........: 7786689 bytes +~~ total allocations/frees...: 146491/146491 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 525 chars ~~ json string max len.......: 1216 chars diff --git a/test/results/default/dns_doh.pcap.out b/test/results/default/dns_doh.pcap.out index 7118d6de0..dc7adcf8e 100644 --- a/test/results/default/dns_doh.pcap.out +++ b/test/results/default/dns_doh.pcap.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7607401 bytes -~~ total memory freed........: 7607401 bytes -~~ total allocations/frees...: 142838/142838 +~~ total memory allocated....: 7780394 bytes +~~ total memory freed........: 7780394 bytes +~~ total allocations/frees...: 146519/146519 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2171 chars diff --git a/test/results/default/dns_dot.pcap.out b/test/results/default/dns_dot.pcap.out index 1583fbb9e..0ba736a61 100644 --- a/test/results/default/dns_dot.pcap.out +++ b/test/results/default/dns_dot.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7602790 bytes -~~ total memory freed........: 7602790 bytes -~~ total allocations/frees...: 142732/142732 +~~ total memory allocated....: 7775783 bytes +~~ total memory freed........: 7775783 bytes +~~ total allocations/frees...: 146413/146413 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 1916 chars diff --git a/test/results/default/dns_exfiltration.pcap.out b/test/results/default/dns_exfiltration.pcap.out index dbd0b574c..d95b15189 100644 --- a/test/results/default/dns_exfiltration.pcap.out +++ b/test/results/default/dns_exfiltration.pcap.out @@ -20,9 +20,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7602574 bytes -~~ total memory freed........: 7602574 bytes -~~ total allocations/frees...: 142992/142992 +~~ total memory allocated....: 7775567 bytes +~~ total memory freed........: 7775567 bytes +~~ total allocations/frees...: 146673/146673 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 522 chars ~~ json string max len.......: 2502 chars diff --git a/test/results/default/dns_fragmented.pcap.out b/test/results/default/dns_fragmented.pcap.out index ca9b989c1..89a7f5552 100644 --- a/test/results/default/dns_fragmented.pcap.out +++ b/test/results/default/dns_fragmented.pcap.out @@ -158,9 +158,9 @@ ~~ total active/idle flows...: 21/21 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7638171 bytes -~~ total memory freed........: 7638171 bytes -~~ total allocations/frees...: 142979/142979 +~~ total memory allocated....: 7811644 bytes +~~ total memory freed........: 7811644 bytes +~~ total allocations/frees...: 146660/146660 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 325 chars ~~ json string max len.......: 2522 chars diff --git a/test/results/default/dns_invert_query.pcapng.out b/test/results/default/dns_invert_query.pcapng.out index 6ba70900e..d5de8da1e 100644 --- a/test/results/default/dns_invert_query.pcapng.out +++ b/test/results/default/dns_invert_query.pcapng.out @@ -14,9 +14,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593790 bytes -~~ total memory freed........: 7593790 bytes -~~ total allocations/frees...: 142691/142691 +~~ total memory allocated....: 7766783 bytes +~~ total memory freed........: 7766783 bytes +~~ total allocations/frees...: 146372/146372 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 524 chars ~~ json string max len.......: 1070 chars diff --git a/test/results/default/dns_long_domainname.pcap.out b/test/results/default/dns_long_domainname.pcap.out index 5ea202d2b..fcaba098f 100644 --- a/test/results/default/dns_long_domainname.pcap.out +++ b/test/results/default/dns_long_domainname.pcap.out @@ -15,9 +15,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593842 bytes -~~ total memory freed........: 7593842 bytes -~~ total allocations/frees...: 142693/142693 +~~ total memory allocated....: 7766835 bytes +~~ total memory freed........: 7766835 bytes +~~ total allocations/frees...: 146374/146374 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 525 chars ~~ json string max len.......: 1221 chars diff --git a/test/results/default/dnscrypt-v1-and-resolver-pings.pcap.out b/test/results/default/dnscrypt-v1-and-resolver-pings.pcap.out index 42fa75457..cef8d7921 100644 --- a/test/results/default/dnscrypt-v1-and-resolver-pings.pcap.out +++ b/test/results/default/dnscrypt-v1-and-resolver-pings.pcap.out @@ -1545,9 +1545,9 @@ ~~ total active/idle flows...: 245/245 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8126168 bytes -~~ total memory freed........: 8126168 bytes -~~ total allocations/frees...: 145862/145862 +~~ total memory allocated....: 8305017 bytes +~~ total memory freed........: 8305017 bytes +~~ total allocations/frees...: 149543/149543 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 338 chars ~~ json string max len.......: 2508 chars diff --git a/test/results/default/dnscrypt-v2-doh.pcap.out b/test/results/default/dnscrypt-v2-doh.pcap.out index a4ceae81b..cf21ab4d8 100644 --- a/test/results/default/dnscrypt-v2-doh.pcap.out +++ b/test/results/default/dnscrypt-v2-doh.pcap.out @@ -315,9 +315,9 @@ ~~ total active/idle flows...: 34/34 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7962940 bytes -~~ total memory freed........: 7962940 bytes -~~ total allocations/frees...: 143826/143826 +~~ total memory allocated....: 8136725 bytes +~~ total memory freed........: 8136725 bytes +~~ total allocations/frees...: 147507/147507 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 521 chars ~~ json string max len.......: 4788 chars diff --git a/test/results/default/dnscrypt-v2.pcap.out b/test/results/default/dnscrypt-v2.pcap.out index a2153ab69..01e88ad8b 100644 --- a/test/results/default/dnscrypt-v2.pcap.out +++ b/test/results/default/dnscrypt-v2.pcap.out @@ -24,9 +24,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7598182 bytes -~~ total memory freed........: 7598182 bytes -~~ total allocations/frees...: 142718/142718 +~~ total memory allocated....: 7771223 bytes +~~ total memory freed........: 7771223 bytes +~~ total allocations/frees...: 146399/146399 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 517 chars ~~ json string max len.......: 1999 chars diff --git a/test/results/default/dnscrypt_skype_false_positive.pcapng.out b/test/results/default/dnscrypt_skype_false_positive.pcapng.out index d8a1650d5..b9c37e392 100644 --- a/test/results/default/dnscrypt_skype_false_positive.pcapng.out +++ b/test/results/default/dnscrypt_skype_false_positive.pcapng.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593934 bytes -~~ total memory freed........: 7593934 bytes -~~ total allocations/frees...: 142696/142696 +~~ total memory allocated....: 7766927 bytes +~~ total memory freed........: 7766927 bytes +~~ total allocations/frees...: 146377/146377 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 537 chars ~~ json string max len.......: 1235 chars diff --git a/test/results/default/doh.pcapng.out b/test/results/default/doh.pcapng.out index ebf353484..6ad8b12a4 100644 --- a/test/results/default/doh.pcapng.out +++ b/test/results/default/doh.pcapng.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7607170 bytes -~~ total memory freed........: 7607170 bytes -~~ total allocations/frees...: 142816/142816 +~~ total memory allocated....: 7780163 bytes +~~ total memory freed........: 7780163 bytes +~~ total allocations/frees...: 146497/146497 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 2280 chars diff --git a/test/results/default/doq.pcapng.out b/test/results/default/doq.pcapng.out index 8885e13c2..6e2bcbb88 100644 --- a/test/results/default/doq.pcapng.out +++ b/test/results/default/doq.pcapng.out @@ -25,9 +25,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7606598 bytes -~~ total memory freed........: 7606598 bytes -~~ total allocations/frees...: 142742/142742 +~~ total memory allocated....: 7779615 bytes +~~ total memory freed........: 7779615 bytes +~~ total allocations/frees...: 146423/146423 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 2220 chars diff --git a/test/results/default/doq_adguard.pcapng.out b/test/results/default/doq_adguard.pcapng.out index b873e2850..dbd3e209d 100644 --- a/test/results/default/doq_adguard.pcapng.out +++ b/test/results/default/doq_adguard.pcapng.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7612414 bytes -~~ total memory freed........: 7612414 bytes -~~ total allocations/frees...: 143007/143007 +~~ total memory allocated....: 7785407 bytes +~~ total memory freed........: 7785407 bytes +~~ total allocations/frees...: 146688/146688 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 2331 chars diff --git a/test/results/default/dos_win98_smb_netbeui.pcap.out b/test/results/default/dos_win98_smb_netbeui.pcap.out index ef97f1ba9..44acd2b3f 100644 --- a/test/results/default/dos_win98_smb_netbeui.pcap.out +++ b/test/results/default/dos_win98_smb_netbeui.pcap.out @@ -116,9 +116,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7601846 bytes -~~ total memory freed........: 7601846 bytes -~~ total allocations/frees...: 142782/142782 +~~ total memory allocated....: 7774911 bytes +~~ total memory freed........: 7774911 bytes +~~ total allocations/frees...: 146463/146463 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 311 chars ~~ json string max len.......: 2200 chars diff --git a/test/results/default/drda_db2.pcap.out b/test/results/default/drda_db2.pcap.out index dc2101a43..330aba2d6 100644 --- a/test/results/default/drda_db2.pcap.out +++ b/test/results/default/drda_db2.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596910 bytes -~~ total memory freed........: 7596910 bytes -~~ total allocations/frees...: 142729/142729 +~~ total memory allocated....: 7769903 bytes +~~ total memory freed........: 7769903 bytes +~~ total allocations/frees...: 146410/146410 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2213 chars diff --git a/test/results/default/dropbox.pcap.out b/test/results/default/dropbox.pcap.out index c74da769a..ef3b6d5ec 100644 --- a/test/results/default/dropbox.pcap.out +++ b/test/results/default/dropbox.pcap.out @@ -133,9 +133,9 @@ ~~ total active/idle flows...: 15/15 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7647920 bytes -~~ total memory freed........: 7647920 bytes -~~ total allocations/frees...: 143686/143686 +~~ total memory allocated....: 7821249 bytes +~~ total memory freed........: 7821249 bytes +~~ total allocations/frees...: 147367/147367 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2356 chars diff --git a/test/results/default/dtls.pcap.out b/test/results/default/dtls.pcap.out index 41dfcc960..0e9f60ed4 100644 --- a/test/results/default/dtls.pcap.out +++ b/test/results/default/dtls.pcap.out @@ -14,9 +14,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593826 bytes -~~ total memory freed........: 7593826 bytes -~~ total allocations/frees...: 142693/142693 +~~ total memory allocated....: 7766819 bytes +~~ total memory freed........: 7766819 bytes +~~ total allocations/frees...: 146374/146374 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 1413 chars diff --git a/test/results/default/dtls2.pcap.out b/test/results/default/dtls2.pcap.out index 5d9016134..34e9bf4cd 100644 --- a/test/results/default/dtls2.pcap.out +++ b/test/results/default/dtls2.pcap.out @@ -23,9 +23,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594718 bytes -~~ total memory freed........: 7594718 bytes -~~ total allocations/frees...: 142724/142724 +~~ total memory allocated....: 7767711 bytes +~~ total memory freed........: 7767711 bytes +~~ total allocations/frees...: 146405/146405 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 1633 chars diff --git a/test/results/default/dtls_certificate.pcapng.out b/test/results/default/dtls_certificate.pcapng.out index 4b129927e..0a3861ac5 100644 --- a/test/results/default/dtls_certificate.pcapng.out +++ b/test/results/default/dtls_certificate.pcapng.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596058 bytes -~~ total memory freed........: 7596058 bytes -~~ total allocations/frees...: 142695/142695 +~~ total memory allocated....: 7769051 bytes +~~ total memory freed........: 7769051 bytes +~~ total allocations/frees...: 146376/146376 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 524 chars ~~ json string max len.......: 2481 chars diff --git a/test/results/default/dtls_certificate_fragments.pcap.out b/test/results/default/dtls_certificate_fragments.pcap.out index 5f62fcff1..e371c6dc4 100644 --- a/test/results/default/dtls_certificate_fragments.pcap.out +++ b/test/results/default/dtls_certificate_fragments.pcap.out @@ -30,9 +30,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7603321 bytes -~~ total memory freed........: 7603321 bytes -~~ total allocations/frees...: 142742/142742 +~~ total memory allocated....: 7776338 bytes +~~ total memory freed........: 7776338 bytes +~~ total allocations/frees...: 146423/146423 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 532 chars ~~ json string max len.......: 2433 chars diff --git a/test/results/default/dtls_mid_sessions.pcapng.out b/test/results/default/dtls_mid_sessions.pcapng.out index 9e2ea312f..9e9d1e7f6 100644 --- a/test/results/default/dtls_mid_sessions.pcapng.out +++ b/test/results/default/dtls_mid_sessions.pcapng.out @@ -37,9 +37,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7602771 bytes -~~ total memory freed........: 7602771 bytes -~~ total allocations/frees...: 142814/142814 +~~ total memory allocated....: 7775836 bytes +~~ total memory freed........: 7775836 bytes +~~ total allocations/frees...: 146495/146495 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 525 chars ~~ json string max len.......: 2504 chars diff --git a/test/results/default/dtls_old_version.pcapng.out b/test/results/default/dtls_old_version.pcapng.out index bbbc1f62b..ca656d011 100644 --- a/test/results/default/dtls_old_version.pcapng.out +++ b/test/results/default/dtls_old_version.pcapng.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594010 bytes -~~ total memory freed........: 7594010 bytes -~~ total allocations/frees...: 142699/142699 +~~ total memory allocated....: 7767003 bytes +~~ total memory freed........: 7767003 bytes +~~ total allocations/frees...: 146380/146380 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 524 chars ~~ json string max len.......: 1206 chars diff --git a/test/results/default/dtls_session_id_and_coockie_both.pcap.out b/test/results/default/dtls_session_id_and_coockie_both.pcap.out index ff3f66c4c..976e9e6fc 100644 --- a/test/results/default/dtls_session_id_and_coockie_both.pcap.out +++ b/test/results/default/dtls_session_id_and_coockie_both.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593884 bytes -~~ total memory freed........: 7593884 bytes -~~ total allocations/frees...: 142695/142695 +~~ total memory allocated....: 7766877 bytes +~~ total memory freed........: 7766877 bytes +~~ total allocations/frees...: 146376/146376 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 538 chars ~~ json string max len.......: 1441 chars diff --git a/test/results/default/edonkey.pcap.out b/test/results/default/edonkey.pcap.out index bc598e322..65c3a2934 100644 --- a/test/results/default/edonkey.pcap.out +++ b/test/results/default/edonkey.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596301 bytes -~~ total memory freed........: 7596301 bytes -~~ total allocations/frees...: 142708/142708 +~~ total memory allocated....: 7769294 bytes +~~ total memory freed........: 7769294 bytes +~~ total allocations/frees...: 146389/146389 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 1097 chars diff --git a/test/results/default/elasticsearch.pcap.out b/test/results/default/elasticsearch.pcap.out index 1158ed778..bcbe18e57 100644 --- a/test/results/default/elasticsearch.pcap.out +++ b/test/results/default/elasticsearch.pcap.out @@ -50,9 +50,9 @@ ~~ total active/idle flows...: 7/7 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7622203 bytes -~~ total memory freed........: 7622203 bytes -~~ total allocations/frees...: 142810/142810 +~~ total memory allocated....: 7795340 bytes +~~ total memory freed........: 7795340 bytes +~~ total allocations/frees...: 146491/146491 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 2903 chars diff --git a/test/results/default/emotet.pcap.out b/test/results/default/emotet.pcap.out index 5443ed93e..eba7e6e9d 100644 --- a/test/results/default/emotet.pcap.out +++ b/test/results/default/emotet.pcap.out @@ -70,9 +70,9 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7696949 bytes -~~ total memory freed........: 7696949 bytes -~~ total allocations/frees...: 145157/145157 +~~ total memory allocated....: 7870062 bytes +~~ total memory freed........: 7870062 bytes +~~ total allocations/frees...: 148838/148838 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2416 chars diff --git a/test/results/default/encrypted_sni.pcap.out b/test/results/default/encrypted_sni.pcap.out index d46aaa3cc..73ea5b062 100644 --- a/test/results/default/encrypted_sni.pcap.out +++ b/test/results/default/encrypted_sni.pcap.out @@ -21,9 +21,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7606120 bytes -~~ total memory freed........: 7606120 bytes -~~ total allocations/frees...: 142727/142727 +~~ total memory allocated....: 7779161 bytes +~~ total memory freed........: 7779161 bytes +~~ total allocations/frees...: 146408/146408 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 1507 chars diff --git a/test/results/default/epicgames.pcapng.out b/test/results/default/epicgames.pcapng.out index d6820a896..be79dc438 100644 --- a/test/results/default/epicgames.pcapng.out +++ b/test/results/default/epicgames.pcapng.out @@ -41,9 +41,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7602481 bytes -~~ total memory freed........: 7602481 bytes -~~ total allocations/frees...: 142804/142804 +~~ total memory allocated....: 7775546 bytes +~~ total memory freed........: 7775546 bytes +~~ total allocations/frees...: 146485/146485 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 517 chars ~~ json string max len.......: 984 chars diff --git a/test/results/default/esp.pcapng.out b/test/results/default/esp.pcapng.out index 342a34a54..bf021cc93 100644 --- a/test/results/default/esp.pcapng.out +++ b/test/results/default/esp.pcapng.out @@ -21,9 +21,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596058 bytes -~~ total memory freed........: 7596058 bytes -~~ total allocations/frees...: 142707/142707 +~~ total memory allocated....: 7769075 bytes +~~ total memory freed........: 7769075 bytes +~~ total allocations/frees...: 146388/146388 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 1077 chars diff --git a/test/results/default/ethereum.pcap.out b/test/results/default/ethereum.pcap.out index 100d6fbf2..a6284a8a9 100644 --- a/test/results/default/ethereum.pcap.out +++ b/test/results/default/ethereum.pcap.out @@ -579,9 +579,9 @@ ~~ total active/idle flows...: 74/74 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7806868 bytes -~~ total memory freed........: 7806868 bytes -~~ total allocations/frees...: 145495/145495 +~~ total memory allocated....: 7981613 bytes +~~ total memory freed........: 7981613 bytes +~~ total allocations/frees...: 149176/149176 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2259 chars diff --git a/test/results/default/ethernetIP.pcap.out b/test/results/default/ethernetIP.pcap.out index a50b0b2d5..b681e5705 100644 --- a/test/results/default/ethernetIP.pcap.out +++ b/test/results/default/ethernetIP.pcap.out @@ -41,9 +41,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7603032 bytes -~~ total memory freed........: 7603032 bytes -~~ total allocations/frees...: 142823/142823 +~~ total memory allocated....: 7776097 bytes +~~ total memory freed........: 7776097 bytes +~~ total allocations/frees...: 146504/146504 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 2151 chars diff --git a/test/results/default/exe_download.pcap.out b/test/results/default/exe_download.pcap.out index befa6083e..41571b85a 100644 --- a/test/results/default/exe_download.pcap.out +++ b/test/results/default/exe_download.pcap.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7614373 bytes -~~ total memory freed........: 7614373 bytes -~~ total allocations/frees...: 143402/143402 +~~ total memory allocated....: 7787366 bytes +~~ total memory freed........: 7787366 bytes +~~ total allocations/frees...: 147083/147083 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 518 chars ~~ json string max len.......: 2654 chars diff --git a/test/results/default/exe_download_as_png.pcap.out b/test/results/default/exe_download_as_png.pcap.out index 7c4ec9bb0..2635cf90d 100644 --- a/test/results/default/exe_download_as_png.pcap.out +++ b/test/results/default/exe_download_as_png.pcap.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7609386 bytes -~~ total memory freed........: 7609386 bytes -~~ total allocations/frees...: 143231/143231 +~~ total memory allocated....: 7782379 bytes +~~ total memory freed........: 7782379 bytes +~~ total allocations/frees...: 146912/146912 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 525 chars ~~ json string max len.......: 2554 chars diff --git a/test/results/default/facebook.pcap.out b/test/results/default/facebook.pcap.out index 6c9eccd1c..f4af38391 100644 --- a/test/results/default/facebook.pcap.out +++ b/test/results/default/facebook.pcap.out @@ -29,9 +29,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7613047 bytes -~~ total memory freed........: 7613047 bytes -~~ total allocations/frees...: 142786/142786 +~~ total memory allocated....: 7786064 bytes +~~ total memory freed........: 7786064 bytes +~~ total allocations/frees...: 146467/146467 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2200 chars diff --git a/test/results/default/fastcgi.pcap.out b/test/results/default/fastcgi.pcap.out index 3b6a85903..a20ab72d3 100644 --- a/test/results/default/fastcgi.pcap.out +++ b/test/results/default/fastcgi.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7598805 bytes -~~ total memory freed........: 7598805 bytes -~~ total allocations/frees...: 142795/142795 +~~ total memory allocated....: 7771798 bytes +~~ total memory freed........: 7771798 bytes +~~ total allocations/frees...: 146476/146476 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2127 chars diff --git a/test/results/default/firefox.pcap.out b/test/results/default/firefox.pcap.out index 6f907bdd9..ece884ab7 100644 --- a/test/results/default/firefox.pcap.out +++ b/test/results/default/firefox.pcap.out @@ -63,9 +63,9 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7750403 bytes -~~ total memory freed........: 7750403 bytes -~~ total allocations/frees...: 142918/142918 +~~ total memory allocated....: 7923516 bytes +~~ total memory freed........: 7923516 bytes +~~ total allocations/frees...: 146599/146599 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 1471 chars diff --git a/test/results/default/fix.pcap.out b/test/results/default/fix.pcap.out index 8a014feb6..befbd9187 100644 --- a/test/results/default/fix.pcap.out +++ b/test/results/default/fix.pcap.out @@ -110,9 +110,9 @@ ~~ total active/idle flows...: 12/12 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7678269 bytes -~~ total memory freed........: 7678269 bytes -~~ total allocations/frees...: 144084/144084 +~~ total memory allocated....: 7851526 bytes +~~ total memory freed........: 7851526 bytes +~~ total allocations/frees...: 147765/147765 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 2339 chars diff --git a/test/results/default/fix2.pcap.out b/test/results/default/fix2.pcap.out index c023a27cd..0911e389c 100644 --- a/test/results/default/fix2.pcap.out +++ b/test/results/default/fix2.pcap.out @@ -27,9 +27,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7688314 bytes -~~ total memory freed........: 7688314 bytes -~~ total allocations/frees...: 145749/145749 +~~ total memory allocated....: 7861331 bytes +~~ total memory freed........: 7861331 bytes +~~ total allocations/frees...: 149430/149430 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2064 chars diff --git a/test/results/default/forticlient.pcap.out b/test/results/default/forticlient.pcap.out index 6831e9b89..a616d88bc 100644 --- a/test/results/default/forticlient.pcap.out +++ b/test/results/default/forticlient.pcap.out @@ -60,9 +60,9 @@ ~~ total active/idle flows...: 5/5 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7706975 bytes -~~ total memory freed........: 7706975 bytes -~~ total allocations/frees...: 144774/144774 +~~ total memory allocated....: 7880064 bytes +~~ total memory freed........: 7880064 bytes +~~ total allocations/frees...: 148455/148455 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 517 chars ~~ json string max len.......: 2457 chars diff --git a/test/results/default/ftp-start-tls.pcap.out b/test/results/default/ftp-start-tls.pcap.out index f130753b0..2e53a24e4 100644 --- a/test/results/default/ftp-start-tls.pcap.out +++ b/test/results/default/ftp-start-tls.pcap.out @@ -22,9 +22,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7601598 bytes -~~ total memory freed........: 7601598 bytes -~~ total allocations/frees...: 142749/142749 +~~ total memory allocated....: 7774591 bytes +~~ total memory freed........: 7774591 bytes +~~ total allocations/frees...: 146430/146430 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 1950 chars diff --git a/test/results/default/ftp.pcap.out b/test/results/default/ftp.pcap.out index e74cada33..fa6d5edbb 100644 --- a/test/results/default/ftp.pcap.out +++ b/test/results/default/ftp.pcap.out @@ -35,9 +35,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7638751 bytes -~~ total memory freed........: 7638751 bytes -~~ total allocations/frees...: 143908/143908 +~~ total memory allocated....: 7811792 bytes +~~ total memory freed........: 7811792 bytes +~~ total allocations/frees...: 147589/147589 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 2469 chars diff --git a/test/results/default/ftp_failed.pcap.out b/test/results/default/ftp_failed.pcap.out index e095c65e5..02fb0ff43 100644 --- a/test/results/default/ftp_failed.pcap.out +++ b/test/results/default/ftp_failed.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596357 bytes -~~ total memory freed........: 7596357 bytes -~~ total allocations/frees...: 142710/142710 +~~ total memory allocated....: 7769350 bytes +~~ total memory freed........: 7769350 bytes +~~ total allocations/frees...: 146391/146391 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 1236 chars diff --git a/test/results/default/fuzz-2006-06-26-2594.pcap.out b/test/results/default/fuzz-2006-06-26-2594.pcap.out index e2be1b7d1..3919ba75a 100644 --- a/test/results/default/fuzz-2006-06-26-2594.pcap.out +++ b/test/results/default/fuzz-2006-06-26-2594.pcap.out @@ -2123,9 +2123,9 @@ ~~ total active/idle flows...: 257/257 ~~ total timeout flows.......: 2 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8185125 bytes -~~ total memory freed........: 8185125 bytes -~~ total allocations/frees...: 146112/146112 +~~ total memory allocated....: 8364262 bytes +~~ total memory freed........: 8364262 bytes +~~ total allocations/frees...: 149793/149793 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 311 chars ~~ json string max len.......: 2450 chars diff --git a/test/results/default/fuzz-2006-09-29-28586.pcap.out b/test/results/default/fuzz-2006-09-29-28586.pcap.out index d50e99103..1fba71841 100644 --- a/test/results/default/fuzz-2006-09-29-28586.pcap.out +++ b/test/results/default/fuzz-2006-09-29-28586.pcap.out @@ -224,9 +224,9 @@ ~~ total active/idle flows...: 39/39 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7691105 bytes -~~ total memory freed........: 7691105 bytes -~~ total allocations/frees...: 143271/143271 +~~ total memory allocated....: 7865010 bytes +~~ total memory freed........: 7865010 bytes +~~ total allocations/frees...: 146952/146952 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 312 chars ~~ json string max len.......: 2512 chars diff --git a/test/results/default/fuzz-2020-02-16-11740.pcap.out b/test/results/default/fuzz-2020-02-16-11740.pcap.out index be289ae98..2facd85b3 100644 --- a/test/results/default/fuzz-2020-02-16-11740.pcap.out +++ b/test/results/default/fuzz-2020-02-16-11740.pcap.out @@ -621,9 +621,9 @@ ~~ total active/idle flows...: 79/79 ~~ total timeout flows.......: 13 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7768077 bytes -~~ total memory freed........: 7768077 bytes -~~ total allocations/frees...: 143846/143846 +~~ total memory allocated....: 7942942 bytes +~~ total memory freed........: 7942942 bytes +~~ total allocations/frees...: 147527/147527 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 312 chars ~~ json string max len.......: 2444 chars diff --git a/test/results/default/fuzz-2021-06-07-c6c72a0a56.pcap.out b/test/results/default/fuzz-2021-06-07-c6c72a0a56.pcap.out index ad7fca9e4..a6aa2475a 100644 --- a/test/results/default/fuzz-2021-06-07-c6c72a0a56.pcap.out +++ b/test/results/default/fuzz-2021-06-07-c6c72a0a56.pcap.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 0/0 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7591636 bytes -~~ total memory freed........: 7591636 bytes -~~ total allocations/frees...: 142679/142679 +~~ total memory allocated....: 7764605 bytes +~~ total memory freed........: 7764605 bytes +~~ total allocations/frees...: 146360/146360 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 336 chars ~~ json string max len.......: 597 chars diff --git a/test/results/default/fuzz-2021-10-13.pcap.out b/test/results/default/fuzz-2021-10-13.pcap.out index 02977129b..c466a6a84 100644 --- a/test/results/default/fuzz-2021-10-13.pcap.out +++ b/test/results/default/fuzz-2021-10-13.pcap.out @@ -11,9 +11,9 @@ ~~ total active/idle flows...: 0/0 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7591636 bytes -~~ total memory freed........: 7591636 bytes -~~ total allocations/frees...: 142679/142679 +~~ total memory allocated....: 7764605 bytes +~~ total memory freed........: 7764605 bytes +~~ total allocations/frees...: 146360/146360 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 318 chars ~~ json string max len.......: 585 chars diff --git a/test/results/default/geforcenow.pcapng.out b/test/results/default/geforcenow.pcapng.out index e6f58b218..0856252f5 100644 --- a/test/results/default/geforcenow.pcapng.out +++ b/test/results/default/geforcenow.pcapng.out @@ -30,9 +30,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7663224 bytes -~~ total memory freed........: 7663224 bytes -~~ total allocations/frees...: 142824/142824 +~~ total memory allocated....: 7836241 bytes +~~ total memory freed........: 7836241 bytes +~~ total allocations/frees...: 146505/146505 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 518 chars ~~ json string max len.......: 4444 chars diff --git a/test/results/default/genshin-impact.pcap.out b/test/results/default/genshin-impact.pcap.out index a7c2f65a6..a4e8d32eb 100644 --- a/test/results/default/genshin-impact.pcap.out +++ b/test/results/default/genshin-impact.pcap.out @@ -62,9 +62,9 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7613134 bytes -~~ total memory freed........: 7613134 bytes -~~ total allocations/frees...: 142838/142838 +~~ total memory allocated....: 7786247 bytes +~~ total memory freed........: 7786247 bytes +~~ total allocations/frees...: 146519/146519 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 520 chars ~~ json string max len.......: 1231 chars diff --git a/test/results/default/git.pcap.out b/test/results/default/git.pcap.out index 7cb66bfe7..775966b7c 100644 --- a/test/results/default/git.pcap.out +++ b/test/results/default/git.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596370 bytes -~~ total memory freed........: 7596370 bytes -~~ total allocations/frees...: 142780/142780 +~~ total memory allocated....: 7769363 bytes +~~ total memory freed........: 7769363 bytes +~~ total allocations/frees...: 146461/146461 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 2176 chars diff --git a/test/results/default/gnutella.pcap.out b/test/results/default/gnutella.pcap.out index 16e55258b..d9203286c 100644 --- a/test/results/default/gnutella.pcap.out +++ b/test/results/default/gnutella.pcap.out @@ -5051,7 +5051,7 @@ 00732{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3497,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_packet_id":2,"flow_src_last_pkt_time":401028587,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":401028587,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4LgAAAER3GEKAAIP7\/\/\/+sQlB2wAtikJTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} 00732{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3498,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_packet_id":3,"flow_src_last_pkt_time":402032886,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":402032886,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4LkAAAER3GAKAAIP7\/\/\/+sQlB2wAtikJTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} 00732{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3499,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_packet_id":4,"flow_src_last_pkt_time":403044600,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":403044600,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4LoAAAER3F8KAAIP7\/\/\/+sQlB2wAtikJTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} -01038{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3505,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":369,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":219447137,"flow_src_last_pkt_time":219447137,"flow_dst_last_pkt_time":219447137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":405371959,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.187.171.240","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"7":"Match by IP"},"proto":"ProtonVPN","proto_id":"344","proto_by_ip":"ProtonVPN","proto_by_ip_id":344,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}} +00965{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3505,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":369,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":219447137,"flow_src_last_pkt_time":219447137,"flow_dst_last_pkt_time":219447137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":405371959,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.187.171.240","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3505,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":369,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":219447137,"flow_src_last_pkt_time":219447137,"flow_dst_last_pkt_time":219447137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":405371959,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.187.171.240","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00755{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3505,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":754,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":355387386,"flow_src_last_pkt_time":355387386,"flow_dst_last_pkt_time":355387386,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":405371959,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.125.218.84","src_port":28681,"dst_port":17561,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 01190{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3505,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":488,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":264769911,"flow_src_last_pkt_time":264769911,"flow_dst_last_pkt_time":265025254,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":301,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":301,"midstream":0,"thread_ts_usec":405371959,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":28681,"dst_port":9852,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} @@ -6605,7 +6605,7 @@ 00883{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3901,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":801,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":599426218,"flow_src_last_pkt_time":599426218,"flow_dst_last_pkt_time":599426218,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599426218,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3902,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":799,"flow_packet_id":2,"flow_src_last_pkt_time":599529292,"flow_dst_last_pkt_time":599415510,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":834,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":834,"pkt_l4_len":780,"thread_ts_usec":599529292,"pkt":"MzMAAAAMCAAn5uVZht1gB0PFAwwRAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAM+dYOdgMMdjk8P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5nPSJ1dGYtOCI\/Pjxzb2FwOkVudmVsb3BlIHhtbG5zOnNvYXA9Imh0dHA6Ly93d3cudzMub3JnLzIwMDMvMDUvc29hcC1lbnZlbG9wZSIgeG1sbnM6d3NhPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA0LzA4L2FkZHJlc3NpbmciIHhtbG5zOndzZD0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNC9kaXNjb3ZlcnkiPjxzb2FwOkhlYWRlcj48d3NhOlRvPnVybjpzY2hlbWFzLXhtbHNvYXAtb3JnOndzOjIwMDU6MDQ6ZGlzY292ZXJ5PC93c2E6VG8+PHdzYTpBY3Rpb24+aHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNC9kaXNjb3ZlcnkvQnllPC93c2E6QWN0aW9uPjx3c2E6TWVzc2FnZUlEPnVybjp1dWlkOjk4Zjc0ZjcxLTZkZmMtNDYxMi05YzNjLTVjNTgwZWI4MzU5Njwvd3NhOk1lc3NhZ2VJRD48d3NkOkFwcFNlcXVlbmNlIEluc3RhbmNlSWQ9IjQ2IiBTZXF1ZW5jZUlkPSJ1cm46dXVpZDo3NjczODllMC1lZTlhLTRjMWMtYjkwMi0yMGNiODFkMjAzZTAiIE1lc3NhZ2VOdW1iZXI9IjUiPjwvd3NkOkFwcFNlcXVlbmNlPjwvc29hcDpIZWFkZXI+PHNvYXA6Qm9keT48d3NkOkJ5ZT48d3NhOkVuZHBvaW50UmVmZXJlbmNlPjx3c2E6QWRkcmVzcz51cm46dXVpZDo3NDdmM2Q5Ni02OGE3LTQzZjEtOGNiZS1lOGQ2ZGFkZDAzNTg8L3dzYTpBZGRyZXNzPjwvd3NhOkVuZHBvaW50UmVmZXJlbmNlPjwvd3NkOkJ5ZT48L3NvYXA6Qm9keT48L3NvYXA6RW52ZWxvcGU+"} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3903,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":801,"flow_packet_id":2,"flow_src_last_pkt_time":599747316,"flow_dst_last_pkt_time":599426218,"flow_idle_time":140000000,"pkt_datalink":1,"pkt_caplen":90,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":62,"pkt_len":90,"pkt_l4_len":28,"thread_ts_usec":599747316,"pkt":"MzMAAAAWCAAn5uVZht1gAAAAACQAAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAWOgAFAgAAAQCPAOKkAAAAAQMAAAD\/AgAAAAAAAAAAAAAAAAAM"} -00595{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":3904,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","packets-captured":3904,"packets-processed":3882,"total-skipped-flows":0,"total-l4-payload-len":383594,"total-not-detected-flows":309,"total-guessed-flows":3,"total-detected-flows":401,"total-detection-updates":5,"total-updates":2519,"current-active-flows":169,"total-active-flows":801,"total-idle-flows":632,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":6608,"global_ts_usec":600247140} +00595{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":3904,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","packets-captured":3904,"packets-processed":3882,"total-skipped-flows":0,"total-l4-payload-len":383594,"total-not-detected-flows":310,"total-guessed-flows":2,"total-detected-flows":401,"total-detection-updates":5,"total-updates":2519,"current-active-flows":169,"total-active-flows":801,"total-idle-flows":632,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":6608,"global_ts_usec":600247140} 00957{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65062972,"flow_src_last_pkt_time":74093030,"flow_dst_last_pkt_time":65062972,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.17.124.40","src_port":50212,"dst_port":6776,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00745{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65062972,"flow_src_last_pkt_time":74093030,"flow_dst_last_pkt_time":65062972,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.17.124.40","src_port":50212,"dst_port":6776,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01182{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":750,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312956911,"flow_src_last_pkt_time":493286521,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} @@ -6863,7 +6863,7 @@ 01082{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"finished","flow_src_packets_processed":43,"flow_dst_packets_processed":47,"flow_first_seen":71205609,"flow_src_last_pkt_time":593376712,"flow_dst_last_pkt_time":593376534,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":303,"flow_dst_max_l4_payload_len":1065,"flow_src_tot_l4_payload_len":753,"flow_dst_tot_l4_payload_len":5162,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.208.180.181","src_port":50249,"dst_port":45883,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01187{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":95716226,"flow_src_last_pkt_time":426377575,"flow_dst_last_pkt_time":426518025,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":165,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01185{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":553212866,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00595{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","packets-captured":3905,"packets-processed":3882,"total-skipped-flows":0,"total-l4-payload-len":383594,"total-not-detected-flows":397,"total-guessed-flows":3,"total-detected-flows":401,"total-detection-updates":5,"total-updates":2519,"current-active-flows":0,"total-active-flows":801,"total-idle-flows":801,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":6866,"global_ts_usec":600247226} +00595{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","packets-captured":3905,"packets-processed":3882,"total-skipped-flows":0,"total-l4-payload-len":383594,"total-not-detected-flows":398,"total-guessed-flows":2,"total-detected-flows":401,"total-detection-updates":5,"total-updates":2519,"current-active-flows":0,"total-active-flows":801,"total-idle-flows":801,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":6866,"global_ts_usec":600247226} ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ ~~ packets captured/processed: 3905/3882 ~~ skipped flows.............: 0 @@ -6872,9 +6872,9 @@ ~~ total active/idle flows...: 801/801 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 9523535 bytes -~~ total memory freed........: 9523535 bytes -~~ total allocations/frees...: 155636/155636 +~~ total memory allocated....: 9715728 bytes +~~ total memory freed........: 9715728 bytes +~~ total allocations/frees...: 159317/159317 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 274 chars ~~ json string max len.......: 2354 chars diff --git a/test/results/default/google_ssl.pcap.out b/test/results/default/google_ssl.pcap.out index 0b9d14718..90509443c 100644 --- a/test/results/default/google_ssl.pcap.out +++ b/test/results/default/google_ssl.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596620 bytes -~~ total memory freed........: 7596620 bytes -~~ total allocations/frees...: 142719/142719 +~~ total memory allocated....: 7769613 bytes +~~ total memory freed........: 7769613 bytes +~~ total allocations/frees...: 146400/146400 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 942 chars diff --git a/test/results/default/googledns_android10.pcap.out b/test/results/default/googledns_android10.pcap.out index 527130547..696b19b0c 100644 --- a/test/results/default/googledns_android10.pcap.out +++ b/test/results/default/googledns_android10.pcap.out @@ -83,9 +83,9 @@ ~~ total active/idle flows...: 8/8 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7660208 bytes -~~ total memory freed........: 7660208 bytes -~~ total allocations/frees...: 143370/143370 +~~ total memory allocated....: 7833369 bytes +~~ total memory freed........: 7833369 bytes +~~ total allocations/frees...: 147051/147051 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 525 chars ~~ json string max len.......: 2357 chars diff --git a/test/results/default/gquic.pcap.out b/test/results/default/gquic.pcap.out index e2942e909..31d9f4d61 100644 --- a/test/results/default/gquic.pcap.out +++ b/test/results/default/gquic.pcap.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604160 bytes -~~ total memory freed........: 7604160 bytes -~~ total allocations/frees...: 142711/142711 +~~ total memory allocated....: 7777153 bytes +~~ total memory freed........: 7777153 bytes +~~ total allocations/frees...: 146392/146392 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 2348 chars diff --git a/test/results/default/gtp_c.pcap.out b/test/results/default/gtp_c.pcap.out index 8a4194b39..39edb5287 100644 --- a/test/results/default/gtp_c.pcap.out +++ b/test/results/default/gtp_c.pcap.out @@ -16,9 +16,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593876 bytes -~~ total memory freed........: 7593876 bytes -~~ total allocations/frees...: 142694/142694 +~~ total memory allocated....: 7766869 bytes +~~ total memory freed........: 7766869 bytes +~~ total allocations/frees...: 146375/146375 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 1102 chars diff --git a/test/results/default/gtp_false_positive.pcapng.out b/test/results/default/gtp_false_positive.pcapng.out index 13299f142..6f0a1a2fc 100644 --- a/test/results/default/gtp_false_positive.pcapng.out +++ b/test/results/default/gtp_false_positive.pcapng.out @@ -28,9 +28,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 2 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7598211 bytes -~~ total memory freed........: 7598211 bytes -~~ total allocations/frees...: 142719/142719 +~~ total memory allocated....: 7771252 bytes +~~ total memory freed........: 7771252 bytes +~~ total allocations/frees...: 146400/146400 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 526 chars ~~ json string max len.......: 1082 chars diff --git a/test/results/default/gtp_prime.pcapng.out b/test/results/default/gtp_prime.pcapng.out index d6d7fcd3c..4181f1d58 100644 --- a/test/results/default/gtp_prime.pcapng.out +++ b/test/results/default/gtp_prime.pcapng.out @@ -11,9 +11,9 @@ ~~ total active/idle flows...: 0/0 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7591636 bytes -~~ total memory freed........: 7591636 bytes -~~ total allocations/frees...: 142679/142679 +~~ total memory allocated....: 7764605 bytes +~~ total memory freed........: 7764605 bytes +~~ total allocations/frees...: 146360/146360 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 304 chars ~~ json string max len.......: 704 chars diff --git a/test/results/default/h323-overflow.pcap.out b/test/results/default/h323-overflow.pcap.out index e0bd63912..b2a1010ae 100644 --- a/test/results/default/h323-overflow.pcap.out +++ b/test/results/default/h323-overflow.pcap.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7595837 bytes -~~ total memory freed........: 7595837 bytes -~~ total allocations/frees...: 142692/142692 +~~ total memory allocated....: 7768830 bytes +~~ total memory freed........: 7768830 bytes +~~ total allocations/frees...: 146373/146373 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 1078 chars diff --git a/test/results/default/h323.pcap.out b/test/results/default/h323.pcap.out index 0b6e4fca7..6e52258e3 100644 --- a/test/results/default/h323.pcap.out +++ b/test/results/default/h323.pcap.out @@ -22,9 +22,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7598280 bytes -~~ total memory freed........: 7598280 bytes -~~ total allocations/frees...: 142714/142714 +~~ total memory allocated....: 7771297 bytes +~~ total memory freed........: 7771297 bytes +~~ total allocations/frees...: 146395/146395 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 1004 chars diff --git a/test/results/default/heuristic_tcp_ack_payload.pcap.out b/test/results/default/heuristic_tcp_ack_payload.pcap.out index af5223043..9877e19c1 100644 --- a/test/results/default/heuristic_tcp_ack_payload.pcap.out +++ b/test/results/default/heuristic_tcp_ack_payload.pcap.out @@ -63,9 +63,9 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 2 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7625539 bytes -~~ total memory freed........: 7625539 bytes -~~ total allocations/frees...: 143057/143057 +~~ total memory allocated....: 7798652 bytes +~~ total memory freed........: 7798652 bytes +~~ total allocations/frees...: 146738/146738 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 531 chars ~~ json string max len.......: 2021 chars diff --git a/test/results/default/hots.pcapng.out b/test/results/default/hots.pcapng.out index e0753cb3a..9067cd292 100644 --- a/test/results/default/hots.pcapng.out +++ b/test/results/default/hots.pcapng.out @@ -38,9 +38,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7600908 bytes -~~ total memory freed........: 7600908 bytes -~~ total allocations/frees...: 142812/142812 +~~ total memory allocated....: 7773949 bytes +~~ total memory freed........: 7773949 bytes +~~ total allocations/frees...: 146493/146493 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2329 chars diff --git a/test/results/default/hpvirtgrp.pcap.out b/test/results/default/hpvirtgrp.pcap.out index 9df08e1d7..ec32734b9 100644 --- a/test/results/default/hpvirtgrp.pcap.out +++ b/test/results/default/hpvirtgrp.pcap.out @@ -88,9 +88,9 @@ ~~ total active/idle flows...: 9/9 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7633127 bytes -~~ total memory freed........: 7633127 bytes -~~ total allocations/frees...: 142923/142923 +~~ total memory allocated....: 7806312 bytes +~~ total memory freed........: 7806312 bytes +~~ total allocations/frees...: 146604/146604 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 986 chars diff --git a/test/results/default/hsrp0.pcap.out b/test/results/default/hsrp0.pcap.out index bc692f7b2..593a88d05 100644 --- a/test/results/default/hsrp0.pcap.out +++ b/test/results/default/hsrp0.pcap.out @@ -25,9 +25,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7600136 bytes -~~ total memory freed........: 7600136 bytes -~~ total allocations/frees...: 142723/142723 +~~ total memory allocated....: 7773201 bytes +~~ total memory freed........: 7773201 bytes +~~ total allocations/frees...: 146404/146404 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 964 chars diff --git a/test/results/default/hsrp2.pcap.out b/test/results/default/hsrp2.pcap.out index 62dc3fdcf..c389246a3 100644 --- a/test/results/default/hsrp2.pcap.out +++ b/test/results/default/hsrp2.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7595886 bytes -~~ total memory freed........: 7595886 bytes -~~ total allocations/frees...: 142701/142701 +~~ total memory allocated....: 7768903 bytes +~~ total memory freed........: 7768903 bytes +~~ total allocations/frees...: 146382/146382 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 966 chars diff --git a/test/results/default/hsrp2_ipv6.pcapng.out b/test/results/default/hsrp2_ipv6.pcapng.out index 51d6d094f..ef3d0d4b3 100644 --- a/test/results/default/hsrp2_ipv6.pcapng.out +++ b/test/results/default/hsrp2_ipv6.pcapng.out @@ -29,9 +29,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596872 bytes -~~ total memory freed........: 7596872 bytes -~~ total allocations/frees...: 142735/142735 +~~ total memory allocated....: 7769889 bytes +~~ total memory freed........: 7769889 bytes +~~ total allocations/frees...: 146416/146416 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 518 chars ~~ json string max len.......: 1100 chars diff --git a/test/results/default/http-crash-content-disposition.pcap.out b/test/results/default/http-crash-content-disposition.pcap.out index 63d7f7fb4..8e48e4fe1 100644 --- a/test/results/default/http-crash-content-disposition.pcap.out +++ b/test/results/default/http-crash-content-disposition.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594171 bytes -~~ total memory freed........: 7594171 bytes -~~ total allocations/frees...: 142706/142706 +~~ total memory allocated....: 7767164 bytes +~~ total memory freed........: 7767164 bytes +~~ total allocations/frees...: 146387/146387 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 536 chars ~~ json string max len.......: 1157 chars diff --git a/test/results/default/http-lines-split.pcap.out b/test/results/default/http-lines-split.pcap.out index be3934cb9..359c21ed0 100644 --- a/test/results/default/http-lines-split.pcap.out +++ b/test/results/default/http-lines-split.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594224 bytes -~~ total memory freed........: 7594224 bytes -~~ total allocations/frees...: 142707/142707 +~~ total memory allocated....: 7767217 bytes +~~ total memory freed........: 7767217 bytes +~~ total allocations/frees...: 146388/146388 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 522 chars ~~ json string max len.......: 1273 chars diff --git a/test/results/default/http-manipulated.pcap.out b/test/results/default/http-manipulated.pcap.out index 390f27bf2..e94dd8bc1 100644 --- a/test/results/default/http-manipulated.pcap.out +++ b/test/results/default/http-manipulated.pcap.out @@ -26,9 +26,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7597289 bytes -~~ total memory freed........: 7597289 bytes -~~ total allocations/frees...: 142752/142752 +~~ total memory allocated....: 7770306 bytes +~~ total memory freed........: 7770306 bytes +~~ total allocations/frees...: 146433/146433 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 522 chars ~~ json string max len.......: 1297 chars diff --git a/test/results/default/http-proxy.pcapng.out b/test/results/default/http-proxy.pcapng.out index c99533e5f..2b4449087 100644 --- a/test/results/default/http-proxy.pcapng.out +++ b/test/results/default/http-proxy.pcapng.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594227 bytes -~~ total memory freed........: 7594227 bytes -~~ total allocations/frees...: 142706/142706 +~~ total memory allocated....: 7767220 bytes +~~ total memory freed........: 7767220 bytes +~~ total allocations/frees...: 146387/146387 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 518 chars ~~ json string max len.......: 1150 chars diff --git a/test/results/default/http_asymmetric.pcapng.out b/test/results/default/http_asymmetric.pcapng.out index 4b65127dc..aed67596c 100644 --- a/test/results/default/http_asymmetric.pcapng.out +++ b/test/results/default/http_asymmetric.pcapng.out @@ -25,9 +25,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7597167 bytes -~~ total memory freed........: 7597167 bytes -~~ total allocations/frees...: 142743/142743 +~~ total memory allocated....: 7770184 bytes +~~ total memory freed........: 7770184 bytes +~~ total allocations/frees...: 146424/146424 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 523 chars ~~ json string max len.......: 2520 chars diff --git a/test/results/default/http_auth.pcap.out b/test/results/default/http_auth.pcap.out index 5026d3c1a..e57e0861a 100644 --- a/test/results/default/http_auth.pcap.out +++ b/test/results/default/http_auth.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594962 bytes -~~ total memory freed........: 7594962 bytes -~~ total allocations/frees...: 142730/142730 +~~ total memory allocated....: 7767955 bytes +~~ total memory freed........: 7767955 bytes +~~ total allocations/frees...: 146411/146411 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2428 chars diff --git a/test/results/default/http_connect.pcap.out b/test/results/default/http_connect.pcap.out index 99740a188..a5d5c7db4 100644 --- a/test/results/default/http_connect.pcap.out +++ b/test/results/default/http_connect.pcap.out @@ -34,9 +34,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7616623 bytes -~~ total memory freed........: 7616623 bytes -~~ total allocations/frees...: 142822/142822 +~~ total memory allocated....: 7789664 bytes +~~ total memory freed........: 7789664 bytes +~~ total allocations/frees...: 146503/146503 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 518 chars ~~ json string max len.......: 2168 chars diff --git a/test/results/default/http_guessed_host_and_guessed.pcapng.out b/test/results/default/http_guessed_host_and_guessed.pcapng.out index d606878e2..04fd9c0cf 100644 --- a/test/results/default/http_guessed_host_and_guessed.pcapng.out +++ b/test/results/default/http_guessed_host_and_guessed.pcapng.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7595857 bytes -~~ total memory freed........: 7595857 bytes -~~ total allocations/frees...: 142693/142693 +~~ total memory allocated....: 7768850 bytes +~~ total memory freed........: 7768850 bytes +~~ total allocations/frees...: 146374/146374 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 537 chars ~~ json string max len.......: 1343 chars diff --git a/test/results/default/http_invalid_server.pcap.out b/test/results/default/http_invalid_server.pcap.out index 94dac7e70..b54073043 100644 --- a/test/results/default/http_invalid_server.pcap.out +++ b/test/results/default/http_invalid_server.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594214 bytes -~~ total memory freed........: 7594214 bytes -~~ total allocations/frees...: 142708/142708 +~~ total memory allocated....: 7767207 bytes +~~ total memory freed........: 7767207 bytes +~~ total allocations/frees...: 146389/146389 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 525 chars ~~ json string max len.......: 1344 chars diff --git a/test/results/default/http_ipv6.pcap.out b/test/results/default/http_ipv6.pcap.out index 3163a52d2..15fae5b83 100644 --- a/test/results/default/http_ipv6.pcap.out +++ b/test/results/default/http_ipv6.pcap.out @@ -121,9 +121,9 @@ ~~ total active/idle flows...: 15/15 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7713868 bytes -~~ total memory freed........: 7713868 bytes -~~ total allocations/frees...: 143116/143116 +~~ total memory allocated....: 7887197 bytes +~~ total memory freed........: 7887197 bytes +~~ total allocations/frees...: 146797/146797 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2388 chars diff --git a/test/results/default/http_on_sip_port.pcap.out b/test/results/default/http_on_sip_port.pcap.out index bef6ed96d..d36693cb8 100644 --- a/test/results/default/http_on_sip_port.pcap.out +++ b/test/results/default/http_on_sip_port.pcap.out @@ -16,9 +16,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594254 bytes -~~ total memory freed........: 7594254 bytes -~~ total allocations/frees...: 142702/142702 +~~ total memory allocated....: 7767247 bytes +~~ total memory freed........: 7767247 bytes +~~ total allocations/frees...: 146383/146383 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 522 chars ~~ json string max len.......: 2360 chars diff --git a/test/results/default/http_origin_different_than_host.pcap.out b/test/results/default/http_origin_different_than_host.pcap.out index 6d7d72ea1..cce48ee3d 100644 --- a/test/results/default/http_origin_different_than_host.pcap.out +++ b/test/results/default/http_origin_different_than_host.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 0/0 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7591636 bytes -~~ total memory freed........: 7591636 bytes -~~ total allocations/frees...: 142679/142679 +~~ total memory allocated....: 7764605 bytes +~~ total memory freed........: 7764605 bytes +~~ total allocations/frees...: 146360/146360 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 324 chars ~~ json string max len.......: 1278 chars diff --git a/test/results/default/http_starting_with_reply.pcapng.out b/test/results/default/http_starting_with_reply.pcapng.out index e27571fc7..21939b38c 100644 --- a/test/results/default/http_starting_with_reply.pcapng.out +++ b/test/results/default/http_starting_with_reply.pcapng.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594524 bytes -~~ total memory freed........: 7594524 bytes -~~ total allocations/frees...: 142716/142716 +~~ total memory allocated....: 7767517 bytes +~~ total memory freed........: 7767517 bytes +~~ total allocations/frees...: 146397/146397 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 532 chars ~~ json string max len.......: 2529 chars diff --git a/test/results/default/http_ua_splitted_in_two_pkts.pcapng.out b/test/results/default/http_ua_splitted_in_two_pkts.pcapng.out index 2da91ebbe..0d06b1223 100644 --- a/test/results/default/http_ua_splitted_in_two_pkts.pcapng.out +++ b/test/results/default/http_ua_splitted_in_two_pkts.pcapng.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7597101 bytes -~~ total memory freed........: 7597101 bytes -~~ total allocations/frees...: 142806/142806 +~~ total memory allocated....: 7770094 bytes +~~ total memory freed........: 7770094 bytes +~~ total allocations/frees...: 146487/146487 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 536 chars ~~ json string max len.......: 2428 chars diff --git a/test/results/default/i3d.pcap.out b/test/results/default/i3d.pcap.out index 88cc64c94..1b044568d 100644 --- a/test/results/default/i3d.pcap.out +++ b/test/results/default/i3d.pcap.out @@ -43,9 +43,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7601872 bytes -~~ total memory freed........: 7601872 bytes -~~ total allocations/frees...: 142783/142783 +~~ total memory allocated....: 7774937 bytes +~~ total memory freed........: 7774937 bytes +~~ total allocations/frees...: 146464/146464 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 2172 chars diff --git a/test/results/default/iax.pcap.out b/test/results/default/iax.pcap.out index de0235953..9e7e20f4b 100644 --- a/test/results/default/iax.pcap.out +++ b/test/results/default/iax.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7595210 bytes -~~ total memory freed........: 7595210 bytes -~~ total allocations/frees...: 142740/142740 +~~ total memory allocated....: 7768203 bytes +~~ total memory freed........: 7768203 bytes +~~ total allocations/frees...: 146421/146421 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 2311 chars diff --git a/test/results/default/icmp-tunnel.pcap.out b/test/results/default/icmp-tunnel.pcap.out index f0237bc85..f95d27d31 100644 --- a/test/results/default/icmp-tunnel.pcap.out +++ b/test/results/default/icmp-tunnel.pcap.out @@ -45,9 +45,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7618787 bytes -~~ total memory freed........: 7618787 bytes -~~ total allocations/frees...: 143553/143553 +~~ total memory allocated....: 7791780 bytes +~~ total memory freed........: 7791780 bytes +~~ total allocations/frees...: 147234/147234 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 517 chars ~~ json string max len.......: 2482 chars diff --git a/test/results/default/iec60780-5-104.pcap.out b/test/results/default/iec60780-5-104.pcap.out index 1e78eebbf..b125d3dc2 100644 --- a/test/results/default/iec60780-5-104.pcap.out +++ b/test/results/default/iec60780-5-104.pcap.out @@ -59,9 +59,9 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7608643 bytes -~~ total memory freed........: 7608643 bytes -~~ total allocations/frees...: 142892/142892 +~~ total memory allocated....: 7781756 bytes +~~ total memory freed........: 7781756 bytes +~~ total allocations/frees...: 146573/146573 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 520 chars ~~ json string max len.......: 2259 chars diff --git a/test/results/default/imap-starttls.pcap.out b/test/results/default/imap-starttls.pcap.out index 65447f1ff..cb9216cac 100644 --- a/test/results/default/imap-starttls.pcap.out +++ b/test/results/default/imap-starttls.pcap.out @@ -22,9 +22,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7613084 bytes -~~ total memory freed........: 7613084 bytes -~~ total allocations/frees...: 142734/142734 +~~ total memory allocated....: 7786077 bytes +~~ total memory freed........: 7786077 bytes +~~ total allocations/frees...: 146415/146415 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 2006 chars diff --git a/test/results/default/imap.pcap.out b/test/results/default/imap.pcap.out index a20a5d92b..f351a2861 100644 --- a/test/results/default/imap.pcap.out +++ b/test/results/default/imap.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596793 bytes -~~ total memory freed........: 7596793 bytes -~~ total allocations/frees...: 142725/142725 +~~ total memory allocated....: 7769786 bytes +~~ total memory freed........: 7769786 bytes +~~ total allocations/frees...: 146406/146406 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2382 chars diff --git a/test/results/default/imaps.pcap.out b/test/results/default/imaps.pcap.out index 4b7c9a993..4c4b11d6e 100644 --- a/test/results/default/imaps.pcap.out +++ b/test/results/default/imaps.pcap.out @@ -29,9 +29,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7610511 bytes -~~ total memory freed........: 7610511 bytes -~~ total allocations/frees...: 142742/142742 +~~ total memory allocated....: 7783528 bytes +~~ total memory freed........: 7783528 bytes +~~ total allocations/frees...: 146423/146423 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 1244 chars diff --git a/test/results/default/imo.pcap.out b/test/results/default/imo.pcap.out index 17e74178a..e6f0c9eb9 100644 --- a/test/results/default/imo.pcap.out +++ b/test/results/default/imo.pcap.out @@ -27,9 +27,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7598784 bytes -~~ total memory freed........: 7598784 bytes -~~ total allocations/frees...: 142801/142801 +~~ total memory allocated....: 7771801 bytes +~~ total memory freed........: 7771801 bytes +~~ total allocations/frees...: 146482/146482 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 2199 chars diff --git a/test/results/default/instagram.pcap.out b/test/results/default/instagram.pcap.out index add3c3250..fd6f2475e 100644 --- a/test/results/default/instagram.pcap.out +++ b/test/results/default/instagram.pcap.out @@ -306,9 +306,9 @@ ~~ total active/idle flows...: 38/38 ~~ total timeout flows.......: 8 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7836402 bytes -~~ total memory freed........: 7836402 bytes -~~ total allocations/frees...: 144067/144067 +~~ total memory allocated....: 8010283 bytes +~~ total memory freed........: 8010283 bytes +~~ total allocations/frees...: 147748/147748 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2493 chars diff --git a/test/results/default/ip_fragmented_garbage.pcap.out b/test/results/default/ip_fragmented_garbage.pcap.out index f26877daf..912b801f1 100644 --- a/test/results/default/ip_fragmented_garbage.pcap.out +++ b/test/results/default/ip_fragmented_garbage.pcap.out @@ -157,9 +157,9 @@ ~~ total active/idle flows...: 29/29 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7653261 bytes -~~ total memory freed........: 7653261 bytes -~~ total allocations/frees...: 142998/142998 +~~ total memory allocated....: 7826926 bytes +~~ total memory freed........: 7826926 bytes +~~ total allocations/frees...: 146679/146679 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 333 chars ~~ json string max len.......: 879 chars diff --git a/test/results/default/iphone.pcap.out b/test/results/default/iphone.pcap.out index 77857f424..a4fde8756 100644 --- a/test/results/default/iphone.pcap.out +++ b/test/results/default/iphone.pcap.out @@ -363,9 +363,9 @@ ~~ total active/idle flows...: 51/51 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8116659 bytes -~~ total memory freed........: 8116659 bytes -~~ total allocations/frees...: 144006/144006 +~~ total memory allocated....: 8290852 bytes +~~ total memory freed........: 8290852 bytes +~~ total allocations/frees...: 147687/147687 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 3949 chars diff --git a/test/results/default/ipp.pcap.out b/test/results/default/ipp.pcap.out index 7c3cf0a89..d00b6368a 100644 --- a/test/results/default/ipp.pcap.out +++ b/test/results/default/ipp.pcap.out @@ -34,9 +34,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7606248 bytes -~~ total memory freed........: 7606248 bytes -~~ total allocations/frees...: 143001/143001 +~~ total memory allocated....: 7779289 bytes +~~ total memory freed........: 7779289 bytes +~~ total allocations/frees...: 146682/146682 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 2404 chars diff --git a/test/results/default/ipsec_isakmp_esp.pcap.out b/test/results/default/ipsec_isakmp_esp.pcap.out index ae35c706b..93bd0b5e6 100644 --- a/test/results/default/ipsec_isakmp_esp.pcap.out +++ b/test/results/default/ipsec_isakmp_esp.pcap.out @@ -327,9 +327,9 @@ ~~ total active/idle flows...: 36/36 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7699476 bytes -~~ total memory freed........: 7699476 bytes -~~ total allocations/frees...: 144157/144157 +~~ total memory allocated....: 7873309 bytes +~~ total memory freed........: 7873309 bytes +~~ total allocations/frees...: 147838/147838 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 522 chars ~~ json string max len.......: 2373 chars diff --git a/test/results/default/ipv6_in_gtp.pcap.out b/test/results/default/ipv6_in_gtp.pcap.out index 84af590f9..4cbb0ecea 100644 --- a/test/results/default/ipv6_in_gtp.pcap.out +++ b/test/results/default/ipv6_in_gtp.pcap.out @@ -14,9 +14,9 @@ ~~ total active/idle flows...: 0/0 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7591636 bytes -~~ total memory freed........: 7591636 bytes -~~ total allocations/frees...: 142679/142679 +~~ total memory allocated....: 7764605 bytes +~~ total memory freed........: 7764605 bytes +~~ total allocations/frees...: 146360/146360 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 304 chars ~~ json string max len.......: 582 chars diff --git a/test/results/default/irc.pcap.out b/test/results/default/irc.pcap.out index 68f50d530..a1f82e0c7 100644 --- a/test/results/default/irc.pcap.out +++ b/test/results/default/irc.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596676 bytes -~~ total memory freed........: 7596676 bytes -~~ total allocations/frees...: 142721/142721 +~~ total memory allocated....: 7769669 bytes +~~ total memory freed........: 7769669 bytes +~~ total allocations/frees...: 146402/146402 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 1314 chars diff --git a/test/results/default/ja3_lots_of_cipher_suites.pcap.out b/test/results/default/ja3_lots_of_cipher_suites.pcap.out index 44912fae8..da6957db9 100644 --- a/test/results/default/ja3_lots_of_cipher_suites.pcap.out +++ b/test/results/default/ja3_lots_of_cipher_suites.pcap.out @@ -31,9 +31,9 @@ ~~ total active/idle flows...: 0/0 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7591636 bytes -~~ total memory freed........: 7591636 bytes -~~ total allocations/frees...: 142679/142679 +~~ total memory allocated....: 7764605 bytes +~~ total memory freed........: 7764605 bytes +~~ total allocations/frees...: 146360/146360 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 318 chars ~~ json string max len.......: 2360 chars diff --git a/test/results/default/ja3_lots_of_cipher_suites_2_anon.pcap.out b/test/results/default/ja3_lots_of_cipher_suites_2_anon.pcap.out index b6ca7a1cc..2ab73cb2f 100644 --- a/test/results/default/ja3_lots_of_cipher_suites_2_anon.pcap.out +++ b/test/results/default/ja3_lots_of_cipher_suites_2_anon.pcap.out @@ -43,9 +43,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594543 bytes -~~ total memory freed........: 7594543 bytes -~~ total allocations/frees...: 142717/142717 +~~ total memory allocated....: 7767536 bytes +~~ total memory freed........: 7767536 bytes +~~ total allocations/frees...: 146398/146398 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 371 chars ~~ json string max len.......: 1948 chars diff --git a/test/results/default/jabber.pcap.out b/test/results/default/jabber.pcap.out index 1a4ea4ebf..914f516b5 100644 --- a/test/results/default/jabber.pcap.out +++ b/test/results/default/jabber.pcap.out @@ -116,9 +116,9 @@ ~~ total active/idle flows...: 12/12 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7652082 bytes -~~ total memory freed........: 7652082 bytes -~~ total allocations/frees...: 143181/143181 +~~ total memory allocated....: 7825339 bytes +~~ total memory freed........: 7825339 bytes +~~ total allocations/frees...: 146862/146862 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2314 chars diff --git a/test/results/default/kerberos-error.pcap.out b/test/results/default/kerberos-error.pcap.out index 76ed772de..d3533e8a7 100644 --- a/test/results/default/kerberos-error.pcap.out +++ b/test/results/default/kerberos-error.pcap.out @@ -14,9 +14,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593818 bytes -~~ total memory freed........: 7593818 bytes -~~ total allocations/frees...: 142692/142692 +~~ total memory allocated....: 7766811 bytes +~~ total memory freed........: 7766811 bytes +~~ total allocations/frees...: 146373/146373 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 520 chars ~~ json string max len.......: 1152 chars diff --git a/test/results/default/kerberos-login.pcap.out b/test/results/default/kerberos-login.pcap.out index 753ec271b..357274927 100644 --- a/test/results/default/kerberos-login.pcap.out +++ b/test/results/default/kerberos-login.pcap.out @@ -86,9 +86,9 @@ ~~ total active/idle flows...: 13/13 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7620407 bytes -~~ total memory freed........: 7620407 bytes -~~ total allocations/frees...: 142862/142862 +~~ total memory allocated....: 7793688 bytes +~~ total memory freed........: 7793688 bytes +~~ total allocations/frees...: 146543/146543 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 520 chars ~~ json string max len.......: 2199 chars diff --git a/test/results/default/kerberos.pcap.out b/test/results/default/kerberos.pcap.out index 7ce6d6448..c430a4216 100644 --- a/test/results/default/kerberos.pcap.out +++ b/test/results/default/kerberos.pcap.out @@ -196,9 +196,9 @@ ~~ total active/idle flows...: 36/36 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7721533 bytes -~~ total memory freed........: 7721533 bytes -~~ total allocations/frees...: 143177/143177 +~~ total memory allocated....: 7895366 bytes +~~ total memory freed........: 7895366 bytes +~~ total allocations/frees...: 146858/146858 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2499 chars diff --git a/test/results/default/kerberos_fuzz.pcapng.out b/test/results/default/kerberos_fuzz.pcapng.out index 81efda41a..10aaacc07 100644 --- a/test/results/default/kerberos_fuzz.pcapng.out +++ b/test/results/default/kerberos_fuzz.pcapng.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593761 bytes -~~ total memory freed........: 7593761 bytes -~~ total allocations/frees...: 142690/142690 +~~ total memory allocated....: 7766754 bytes +~~ total memory freed........: 7766754 bytes +~~ total allocations/frees...: 146371/146371 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 521 chars ~~ json string max len.......: 1044 chars diff --git a/test/results/default/kismet.pcap.out b/test/results/default/kismet.pcap.out index 36c7e19e9..3f1f007af 100644 --- a/test/results/default/kismet.pcap.out +++ b/test/results/default/kismet.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596823 bytes -~~ total memory freed........: 7596823 bytes -~~ total allocations/frees...: 142726/142726 +~~ total memory allocated....: 7769816 bytes +~~ total memory freed........: 7769816 bytes +~~ total allocations/frees...: 146407/146407 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2239 chars diff --git a/test/results/default/kontiki.pcap.out b/test/results/default/kontiki.pcap.out index 5693cc119..7c3c0dd06 100644 --- a/test/results/default/kontiki.pcap.out +++ b/test/results/default/kontiki.pcap.out @@ -54,9 +54,9 @@ ~~ total active/idle flows...: 8/8 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7610195 bytes -~~ total memory freed........: 7610195 bytes -~~ total allocations/frees...: 142821/142821 +~~ total memory allocated....: 7783356 bytes +~~ total memory freed........: 7783356 bytes +~~ total allocations/frees...: 146502/146502 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2432 chars diff --git a/test/results/default/line.pcap.out b/test/results/default/line.pcap.out index f42b3b74b..4f18fd049 100644 --- a/test/results/default/line.pcap.out +++ b/test/results/default/line.pcap.out @@ -57,9 +57,9 @@ ~~ total active/idle flows...: 5/5 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7625103 bytes -~~ total memory freed........: 7625103 bytes -~~ total allocations/frees...: 143036/143036 +~~ total memory allocated....: 7798192 bytes +~~ total memory freed........: 7798192 bytes +~~ total allocations/frees...: 146717/146717 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2334 chars diff --git a/test/results/default/linecall_falsepositve.pcap.out b/test/results/default/linecall_falsepositve.pcap.out index 9799203df..4f3d5f274 100644 --- a/test/results/default/linecall_falsepositve.pcap.out +++ b/test/results/default/linecall_falsepositve.pcap.out @@ -73,9 +73,9 @@ ~~ total active/idle flows...: 0/0 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7591636 bytes -~~ total memory freed........: 7591636 bytes -~~ total allocations/frees...: 142679/142679 +~~ total memory allocated....: 7764605 bytes +~~ total memory freed........: 7764605 bytes +~~ total allocations/frees...: 146360/146360 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 314 chars ~~ json string max len.......: 1290 chars diff --git a/test/results/default/lisp_registration.pcap.out b/test/results/default/lisp_registration.pcap.out index 572644dc9..7df711526 100644 --- a/test/results/default/lisp_registration.pcap.out +++ b/test/results/default/lisp_registration.pcap.out @@ -41,9 +41,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7605098 bytes -~~ total memory freed........: 7605098 bytes -~~ total allocations/frees...: 142755/142755 +~~ total memory allocated....: 7778163 bytes +~~ total memory freed........: 7778163 bytes +~~ total allocations/frees...: 146436/146436 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 523 chars ~~ json string max len.......: 1436 chars diff --git a/test/results/default/log4j-webapp-exploit.pcap.out b/test/results/default/log4j-webapp-exploit.pcap.out index 412968c47..657ee11cf 100644 --- a/test/results/default/log4j-webapp-exploit.pcap.out +++ b/test/results/default/log4j-webapp-exploit.pcap.out @@ -73,9 +73,9 @@ ~~ total active/idle flows...: 7/7 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7625442 bytes -~~ total memory freed........: 7625442 bytes -~~ total allocations/frees...: 143204/143204 +~~ total memory allocated....: 7798579 bytes +~~ total memory freed........: 7798579 bytes +~~ total allocations/frees...: 146885/146885 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 310 chars ~~ json string max len.......: 1934 chars diff --git a/test/results/default/long_tls_certificate.pcap.out b/test/results/default/long_tls_certificate.pcap.out index 0f7732922..82e93741a 100644 --- a/test/results/default/long_tls_certificate.pcap.out +++ b/test/results/default/long_tls_certificate.pcap.out @@ -21,9 +21,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7994442 bytes -~~ total memory freed........: 7994442 bytes -~~ total allocations/frees...: 142932/142932 +~~ total memory allocated....: 8167435 bytes +~~ total memory freed........: 8167435 bytes +~~ total allocations/frees...: 146613/146613 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 526 chars ~~ json string max len.......: 5381 chars diff --git a/test/results/default/lru_ipv6_caches.pcapng.out b/test/results/default/lru_ipv6_caches.pcapng.out index eb72bbb22..85efd46b1 100644 --- a/test/results/default/lru_ipv6_caches.pcapng.out +++ b/test/results/default/lru_ipv6_caches.pcapng.out @@ -89,9 +89,9 @@ ~~ total active/idle flows...: 12/12 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7634427 bytes -~~ total memory freed........: 7634427 bytes -~~ total allocations/frees...: 142923/142923 +~~ total memory allocated....: 7807684 bytes +~~ total memory freed........: 7807684 bytes +~~ total allocations/frees...: 146604/146604 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 523 chars ~~ json string max len.......: 2401 chars diff --git a/test/results/default/malformed_dns.pcap.out b/test/results/default/malformed_dns.pcap.out index 0ef2d9178..12217c08b 100644 --- a/test/results/default/malformed_dns.pcap.out +++ b/test/results/default/malformed_dns.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594006 bytes -~~ total memory freed........: 7594006 bytes -~~ total allocations/frees...: 142699/142699 +~~ total memory allocated....: 7766999 bytes +~~ total memory freed........: 7766999 bytes +~~ total allocations/frees...: 146380/146380 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 2731 chars diff --git a/test/results/default/malformed_icmp.pcap.out b/test/results/default/malformed_icmp.pcap.out index 2964b1ac9..05eb87b80 100644 --- a/test/results/default/malformed_icmp.pcap.out +++ b/test/results/default/malformed_icmp.pcap.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593789 bytes -~~ total memory freed........: 7593789 bytes -~~ total allocations/frees...: 142691/142691 +~~ total memory allocated....: 7766782 bytes +~~ total memory freed........: 7766782 bytes +~~ total allocations/frees...: 146372/146372 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 1173 chars diff --git a/test/results/default/malware.pcap.out b/test/results/default/malware.pcap.out index 33d4bcf50..19b8d2058 100644 --- a/test/results/default/malware.pcap.out +++ b/test/results/default/malware.pcap.out @@ -39,9 +39,9 @@ ~~ total active/idle flows...: 5/5 ~~ total timeout flows.......: 1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7644402 bytes -~~ total memory freed........: 7644402 bytes -~~ total allocations/frees...: 142824/142824 +~~ total memory allocated....: 7817491 bytes +~~ total memory freed........: 7817491 bytes +~~ total allocations/frees...: 146505/146505 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2754 chars diff --git a/test/results/default/memcached.cap.out b/test/results/default/memcached.cap.out index c1f63b2f7..315b9b427 100644 --- a/test/results/default/memcached.cap.out +++ b/test/results/default/memcached.cap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596098 bytes -~~ total memory freed........: 7596098 bytes -~~ total allocations/frees...: 142701/142701 +~~ total memory allocated....: 7769091 bytes +~~ total memory freed........: 7769091 bytes +~~ total allocations/frees...: 146382/146382 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 973 chars diff --git a/test/results/default/merakicloud.pcapng.out b/test/results/default/merakicloud.pcapng.out index 99d9762cc..a6f829412 100644 --- a/test/results/default/merakicloud.pcapng.out +++ b/test/results/default/merakicloud.pcapng.out @@ -25,9 +25,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7595036 bytes -~~ total memory freed........: 7595036 bytes -~~ total allocations/frees...: 142734/142734 +~~ total memory allocated....: 7768029 bytes +~~ total memory freed........: 7768029 bytes +~~ total allocations/frees...: 146415/146415 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 2432 chars diff --git a/test/results/default/mgcp.pcapng.out b/test/results/default/mgcp.pcapng.out index d1e85d66f..18c41b5f0 100644 --- a/test/results/default/mgcp.pcapng.out +++ b/test/results/default/mgcp.pcapng.out @@ -27,9 +27,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596464 bytes -~~ total memory freed........: 7596464 bytes -~~ total allocations/frees...: 142721/142721 +~~ total memory allocated....: 7769481 bytes +~~ total memory freed........: 7769481 bytes +~~ total allocations/frees...: 146402/146402 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 1095 chars diff --git a/test/results/default/modbus.pcap.out b/test/results/default/modbus.pcap.out index b3b1203f6..a26e3746b 100644 --- a/test/results/default/modbus.pcap.out +++ b/test/results/default/modbus.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596718 bytes -~~ total memory freed........: 7596718 bytes -~~ total allocations/frees...: 142792/142792 +~~ total memory allocated....: 7769711 bytes +~~ total memory freed........: 7769711 bytes +~~ total allocations/frees...: 146473/146473 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2310 chars diff --git a/test/results/default/monero.pcap.out b/test/results/default/monero.pcap.out index b5a67b0ee..fe3c17cc8 100644 --- a/test/results/default/monero.pcap.out +++ b/test/results/default/monero.pcap.out @@ -28,9 +28,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7609231 bytes -~~ total memory freed........: 7609231 bytes -~~ total allocations/frees...: 143022/143022 +~~ total memory allocated....: 7782248 bytes +~~ total memory freed........: 7782248 bytes +~~ total allocations/frees...: 146703/146703 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2499 chars diff --git a/test/results/default/mongo_false_positive.pcapng.out b/test/results/default/mongo_false_positive.pcapng.out index 59a89bc24..d66bdee55 100644 --- a/test/results/default/mongo_false_positive.pcapng.out +++ b/test/results/default/mongo_false_positive.pcapng.out @@ -6,7 +6,7 @@ 01815{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/mongo_false_positive.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1593581341663638,"flow_dst_last_pkt_time":1593581341641115,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":992,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":992,"pkt_l4_len":958,"thread_ts_usec":1593581341663638,"pkt":"AAAAAAAAAAUAoyAkCABFAAPSJW1AAH8G6oG8S7gU+7Z4IMGGAbvEY9K8ZlsVGVAYAQRawwAAS0UAAAIGAVUAAAOeAQAAAI\/gqM9rhiEBAKoEmsOFlYhbJuU1bIo9gZTyPfuzEe6Bp0R1dekdpTM6J+UvhI\/atZONAg8NzlQZtu5ojbPV8zngZbQ4cMrOmnpw9tHIlOI54G8PoCZSSkCzTgVCUZhK6MJ5bEMhaGP8N7VRdGYUxlP3dzaquR9vVcn2XCbu1OyYr2d0f1ttQ9h3X1YHOEON1NdSoBGgqAG\/RHZ07sPa05Xl0UfvrDoaVlD5IET07FH8mSieF7FGedhv4Dj8+Qs2QRqvK1LVJAdhq+ZWqlrhFkDX0yKJTUfo3bbGz2SIZ\/XxVlL4engJDsc82rBIbEtS9RD4G6zaTKjota10U5LlxsWBv\/vF+LDG\/paIKhaHvmX8vMxet\/aPzSosJEi+YbJFZl+ktaTyXfc\/YvBACPyzDXq8dhIQ5EVoVoDF057eylaAp\/b4N7xUz0eIEWtWnaB0pI5aDo4niooDJSg17oEyP4wyEr\/dvj3gCHS3NSaxT2sQF2oI3lWoPKrC0p0TgCGwyk+8uc881xFgiaBcYR1Yq0b8s5nkKulFLZbepk3ixzHUGR38KIk34A5MFpTd4KumfzcRxc7\/mX4meETJikfhTvukqtqy2IYPW1+bRCNngFny3xkNjuE8UTx9apsSVjAbTJF+iDOEmtnFO33Z6kd1hnlmj+tmLxBU2U+7\/2yY34wwJqnOK7DcIcn8VN01WW8pn3XVPTYJNsveJbYtzxAN0QGn6elB1t+tkYz2AI\/bDfCljfqPz9Jhedr6TYt68rJMKvcBzN3Q0kn+ZV6lGIlXIjJihQ4kCBOwQwip+5E7YbzQz0\/EXg8j8I3XpkGddnOHbFEF94xKqghkO3CAwEE6UQtp7apLsuQt7+mbJJz9gWE69awD9rmmPEWE8YlOUDLu1N4GbHa5imN9wzwYR+eX3QagWTsU5MR8LmGzgISvHibhJ5ezVRBpd3CUbMW90\/iKKi474G30KMqYY2leCU0\/tizO+qE1KfBV3hd9rhEf7YOvS85zKOwuFIMuX\/INA9ydr5yFK2w5YCPYbOJJfQroAzWeXjFmHC\/dRCEeIjKkt28uWt0ZvpMtgYBxAWF\/Vuz\/pDAkp0VgXkELtbg760cvqlW4RdFlUHBSj6byX+5rUcEhuxN1Rj5iZNMiLbXNeywFcEIx0wl1FUA9pdx9eiII4CqBL1rzogzCSax9kM\/yFoBDH7LcCWZjzM+PnYkYE5zQ0GRHMuFNnbkl4+w="} 00727{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/mongo_false_positive.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1593581341663638,"flow_dst_last_pkt_time":1593581341827549,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":189,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":189,"pkt_l4_len":155,"thread_ts_usec":1593581341827549,"pkt":"AAAAAAAAAAUAoyAkCABFAACvAABAADIGYBL7tnggvEu4FAG7wYZmWxUZxGPWZlAYBBFMbAAAS0UAAAIGAAAAAHwBAAAAi8W5xHhxAfF\/QWT2eTT8lDG\/pMDBSRIV1kejJDiVkYqh2e6Wj+sV8dIJnKNy5tzmpxVLWzLF\/kQ1Fyz\/gVA55dJ7rD7a3rw6iNH4HdJzqXMrPtuC4IqV+W\/gNW+lv0MvHrWzWWosEByAzSyLJC6QW14JpW6nChAA"} 02156{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/mongo_false_positive.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1593581357451506,"flow_dst_last_pkt_time":1593581341827549,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1248,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1248,"pkt_l4_len":1214,"thread_ts_usec":1593581357451506,"pkt":"AAAAAAAAAAUAoyAkCABFAATSKtxAAH8G5BK8S7gU+7Z4IMGGAbvEY9ZmZlsVoFAYAQP4xQAAS0UAAAIIAVUAAASeAQAAAI\/gqM9riCEBZYhSLZSYIvOnmKRFB1NH6SXBoy7HXkHy40xvUKjvN0P2kmQjQ6DOJ\/5cEoTXNc9mpVRRLoaSI0cG53iUIfmCUiYw+Y2Sl96EE3U2XAkcPoGzDfTJB\/4Q3V2JDnKBv7l1qffhqhUQAIC6t6pZb99IWuexXkN6yB+mvcOEgMwSBf+h+EUCXgsmqP0yLGzvhkgeX28Bw3eETrEPbqAcZrSLobMjufoukl580KLwDyb2crXEgXjGPeF78olOb7Pg6sYD\/BN2j6yyAilyS\/tsTsWdhE+MCi3x5py9sPxTra7gQ0k4JVWelsjoabSCP1lmKLze8v5MMRAJvDPMj62ID+lDhFnbLhlQC6f5chGBrpOPgdJC7YHTTF4Yaf6L2LV9kjRaUcpKIzDRzI4KZEonFYhWkM5vOOS0rSPo37Rv1SVkW2EcWQ2nQMbuDtjp\/0tfEZD2geTmvG3etyx+TgAVYG\/awgCrGTG3iBmJ7IP7zvy92HfzRnvpcGwV33VQOmQy5VfPpKlN52Cr9V1cGuATB5Vh71AWy+ZYpCZzbZfNP2tvigsP0wsvXvelhfciLnm+AL8wmySYqBybE3J8dIwFlfoj7ne6sMBf4pGb7AOGBSpiJm38MExrzCRihBJLXRJ7gyu6wZOC7RBoSZhJFfDca7WbjzMcnjgrHhyKz7epOIMZ8KKfdXHIH30WC1WQoyV\/9CDm5Ir6TpnIabDx8aCrVGR2AUJbloUstI06uyojdmfgzlH2RmIEF2wn3MlvapkeTrV1P4YJJdmxgPb+FA1\/KyNKbcQxAZocuyqW5naMFGfnn8cKSFj9nazboTcTzqdyByCcDm0GrOo3lrIAZtJkE4CvuhkCMnF\/7JeMLrrHxrPW\/dOVxglbGTGZaX4aT3qhzlyIFJZcUHvZNd3L8oPPptY03zEYYfgWCY4GCrFbxLpdYS7o3iQ6k\/DOgQDA40F9R\/6bQJtbjUri8cebmGyUgBOFyL4HK+5LP6+wjr7LJLwLOZr12rvbCPH8a5EH0l1+xVGuaHOLPsAloGyPylmUINBBTcC0sBxRxaBR\/z80E26qGGDqcQyyURDhKppNliDigSFs8+fsUbS5ChJOzYl3IpHKfgGOcDcCR3WpoBdqmuOu1DoFstMVlUlLCVIoZpzTcK\/pDo3hPn1LcKZJSo+8BwXkti9ovEfAleUdmchy9h9nbK2GihR4oEJcIGKAmAFjAQTS\/er1a5369himCid2qwxR2G7q+GqiY8Cn5xeTqwJbetF0TDu5o6tQyVaRc80I8hhALVCzmghQGdamem8nIsmKHrqNvthCPs+00k05hS685h68ipvQ5I1mMeEDxQq1lu8OpLGal1I9Y3xEuO7SPNISELRvLy4gXrN6aofFkqLD8VWXc4G\/cbiW1E9zBGFi1T+pcQFhf1bs\/6QwJKdFYF5BC7W4O+tHL6pVuEXRZVBwUo+m8l\/ua1HBIbsTdUY+YmTTIi21zXssBXBCMdMJdRVAPaXcfXoiCOAqgS9a86IMwkmsfZDP8haAQx+y3AlmY8zPj52JGBOc0NBkRzLhTZ25JePs"} -00950{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/mongo_false_positive.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":13,"flow_first_seen":1593581341477440,"flow_src_last_pkt_time":1593581425760020,"flow_dst_last_pkt_time":1593581425923470,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1274,"flow_dst_max_l4_payload_len":135,"flow_src_tot_l4_payload_len":9246,"flow_dst_tot_l4_payload_len":1485,"midstream":0,"thread_ts_usec":1593581425923470,"l3_proto":"ip4","src_ip":"188.75.184.20","dst_ip":"251.182.120.32","src_port":49542,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} +01077{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/mongo_false_positive.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":13,"flow_first_seen":1593581341477440,"flow_src_last_pkt_time":1593581425760020,"flow_dst_last_pkt_time":1593581425923470,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1274,"flow_dst_max_l4_payload_len":135,"flow_src_tot_l4_payload_len":9246,"flow_dst_tot_l4_payload_len":1485,"midstream":0,"thread_ts_usec":1593581425923470,"l3_proto":"ip4","src_ip":"188.75.184.20","dst_ip":"251.182.120.32","src_port":49542,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00804{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/mongo_false_positive.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":13,"flow_first_seen":1593581341477440,"flow_src_last_pkt_time":1593581425760020,"flow_dst_last_pkt_time":1593581425923470,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1274,"flow_dst_max_l4_payload_len":135,"flow_src_tot_l4_payload_len":9246,"flow_dst_tot_l4_payload_len":1485,"midstream":0,"thread_ts_usec":1593581425923470,"l3_proto":"ip4","src_ip":"188.75.184.20","dst_ip":"251.182.120.32","src_port":49542,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00596{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/mongo_false_positive.pcapng","alias":"nDPId-test","packets-captured":26,"packets-processed":26,"total-skipped-flows":0,"total-l4-payload-len":10731,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":1,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":11,"global_ts_usec":1593581425923470} ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596534 bytes -~~ total memory freed........: 7596534 bytes -~~ total allocations/frees...: 142716/142716 +~~ total memory allocated....: 7769527 bytes +~~ total memory freed........: 7769527 bytes +~~ total allocations/frees...: 146397/146397 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 528 chars ~~ json string max len.......: 2161 chars diff --git a/test/results/default/mongodb.pcap.out b/test/results/default/mongodb.pcap.out index 118035455..2a6e7be1d 100644 --- a/test/results/default/mongodb.pcap.out +++ b/test/results/default/mongodb.pcap.out @@ -51,9 +51,9 @@ ~~ total active/idle flows...: 5/5 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7605171 bytes -~~ total memory freed........: 7605171 bytes -~~ total allocations/frees...: 142765/142765 +~~ total memory allocated....: 7778260 bytes +~~ total memory freed........: 7778260 bytes +~~ total allocations/frees...: 146446/146446 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 1104 chars diff --git a/test/results/default/mpeg-dash.pcap.out b/test/results/default/mpeg-dash.pcap.out index 9096d94cd..a0bb2b7aa 100644 --- a/test/results/default/mpeg-dash.pcap.out +++ b/test/results/default/mpeg-dash.pcap.out @@ -36,9 +36,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7601236 bytes -~~ total memory freed........: 7601236 bytes -~~ total allocations/frees...: 142750/142750 +~~ total memory allocated....: 7774301 bytes +~~ total memory freed........: 7774301 bytes +~~ total allocations/frees...: 146431/146431 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2481 chars diff --git a/test/results/default/mpeg.pcap.out b/test/results/default/mpeg.pcap.out index 45f73e2fb..dcf3621b1 100644 --- a/test/results/default/mpeg.pcap.out +++ b/test/results/default/mpeg.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594391 bytes -~~ total memory freed........: 7594391 bytes -~~ total allocations/frees...: 142713/142713 +~~ total memory allocated....: 7767384 bytes +~~ total memory freed........: 7767384 bytes +~~ total allocations/frees...: 146394/146394 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 1091 chars diff --git a/test/results/default/mpegts.pcap.out b/test/results/default/mpegts.pcap.out index b88ba7a7d..7b5d86df2 100644 --- a/test/results/default/mpegts.pcap.out +++ b/test/results/default/mpegts.pcap.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593761 bytes -~~ total memory freed........: 7593761 bytes -~~ total allocations/frees...: 142690/142690 +~~ total memory allocated....: 7766754 bytes +~~ total memory freed........: 7766754 bytes +~~ total allocations/frees...: 146371/146371 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2798 chars diff --git a/test/results/default/mqtt.pcap.out b/test/results/default/mqtt.pcap.out index 5656b3237..01a9b1119 100644 --- a/test/results/default/mqtt.pcap.out +++ b/test/results/default/mqtt.pcap.out @@ -21,9 +21,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596145 bytes -~~ total memory freed........: 7596145 bytes -~~ total allocations/frees...: 142710/142710 +~~ total memory allocated....: 7769162 bytes +~~ total memory freed........: 7769162 bytes +~~ total allocations/frees...: 146391/146391 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 1093 chars diff --git a/test/results/default/mssql_tds.pcap.out b/test/results/default/mssql_tds.pcap.out index 1544a7356..b972ea46e 100644 --- a/test/results/default/mssql_tds.pcap.out +++ b/test/results/default/mssql_tds.pcap.out @@ -71,9 +71,9 @@ ~~ total active/idle flows...: 12/12 ~~ total timeout flows.......: 1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7620274 bytes -~~ total memory freed........: 7620274 bytes -~~ total allocations/frees...: 142850/142850 +~~ total memory allocated....: 7793531 bytes +~~ total memory freed........: 7793531 bytes +~~ total allocations/frees...: 146531/146531 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2493 chars diff --git a/test/results/default/mullvad_dns.pcap.out b/test/results/default/mullvad_dns.pcap.out new file mode 100644 index 000000000..52c848041 --- /dev/null +++ b/test/results/default/mullvad_dns.pcap.out @@ -0,0 +1,24 @@ +00512{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/mullvad_dns.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0} +00575{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/mullvad_dns.pcap","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_usec":1690989392454764} +00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/mullvad_dns.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690989392454764,"flow_src_last_pkt_time":1690989392454764,"flow_dst_last_pkt_time":1690989392454764,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690989392454764,"l3_proto":"ip4","src_ip":"192.168.122.11","dst_ip":"9.9.9.9","src_port":51696,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/mullvad_dns.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1690989392454764,"flow_dst_last_pkt_time":1690989392454764,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":98,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":98,"pkt_l4_len":64,"thread_ts_usec":1690989392454764,"pkt":"LpGu0BOrUqbfQmqICABFAABU8HEAAD8RPmLAqHoLCQkJCcnwADUAQE0XWYYBIAABAAAAAAABA3d3dwdtdWxsdmFkA25ldAAAAQABAAApBNAAAAAAAAwACgAIwhcGhsoKkzM="} +01192{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/mullvad_dns.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690989392454764,"flow_src_last_pkt_time":1690989392454764,"flow_dst_last_pkt_time":1690989392454764,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690989392454764,"l3_proto":"ip4","src_ip":"192.168.122.11","dst_ip":"9.9.9.9","src_port":51696,"dst_port":53,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Mullvad","proto_id":"5.348","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"www.mullvad.net","dns": {"num_queries":0,"num_answers":0,"reply_code":0,"query_type":1,"rsp_type":0,"rsp_addr":"0.0.0.0"}}} +00614{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/mullvad_dns.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1690989392454764,"flow_dst_last_pkt_time":1690989392507188,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1690989392507188,"pkt":"UqbfQmqILpGu0BOrCABFAABmAu0AADgRMtUJCQkJwKh6CwA1yfAAUpRhWYaBoAABAAIAAAABA3d3dwdtdWxsdmFkA25ldAAAAQABwAwABQABAAAG1wACwBDAEAABAAEAAAALAAQtU9\/RAAApBNAAAAAAAAA="} +01083{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/mullvad_dns.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1690989392454764,"flow_src_last_pkt_time":1690989392454764,"flow_dst_last_pkt_time":1690989392507188,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":74,"midstream":0,"thread_ts_usec":1690989392507188,"l3_proto":"ip4","src_ip":"192.168.122.11","dst_ip":"9.9.9.9","src_port":51696,"dst_port":53,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.Mullvad","proto_id":"5.348","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"www.mullvad.net","dns": {"num_queries":1,"num_answers":3,"reply_code":0,"query_type":1,"rsp_type":1,"rsp_addr":"45.83.223.209"}}} +00974{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/mullvad_dns.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1690989392454764,"flow_src_last_pkt_time":1690989392454764,"flow_dst_last_pkt_time":1690989392507188,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":74,"midstream":0,"thread_ts_usec":1690989392507188,"l3_proto":"ip4","src_ip":"192.168.122.11","dst_ip":"9.9.9.9","src_port":51696,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.Mullvad","proto_id":"5.348","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00579{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/mullvad_dns.pcap","alias":"nDPId-test","packets-captured":2,"packets-processed":2,"total-skipped-flows":0,"total-l4-payload-len":130,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":1,"total-updates":0,"current-active-flows":0,"total-active-flows":1,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":9,"global_ts_usec":1690989392507188} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2/2 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 130 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~ total timeout flows.......: 0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 7766811 bytes +~~ total memory freed........: 7766811 bytes +~~ total allocations/frees...: 146373/146373 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ json string min len.......: 517 chars +~~ json string max len.......: 1197 chars +~~ json string avg len.......: 848 chars diff --git a/test/results/default/mullvad_wireguard.pcap.out b/test/results/default/mullvad_wireguard.pcap.out new file mode 100644 index 000000000..75694b74e --- /dev/null +++ b/test/results/default/mullvad_wireguard.pcap.out @@ -0,0 +1,26 @@ +00518{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/mullvad_wireguard.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/mullvad_wireguard.pcap","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_usec":1690989590945292} +00788{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/mullvad_wireguard.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690989590945292,"flow_src_last_pkt_time":1690989590945292,"flow_dst_last_pkt_time":1690989590945292,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":96,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690989590945292,"l3_proto":"ip4","src_ip":"192.168.122.11","dst_ip":"198.54.131.98","src_port":22595,"dst_port":5060,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00650{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/mullvad_wireguard.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1690989590945292,"flow_dst_last_pkt_time":1690989590945292,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":138,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":138,"pkt_l4_len":104,"thread_ts_usec":1690989590945292,"pkt":"LpGu0BOrUqbfQmqICABFAAB83fQAAEARGDDAqHoLxjaDYlhDE8QAaITGBAAAABV2SXkTAAAAAAAAADvIU5XIGqFEsZ+W5jn7BLiciIB2fPEUKgOh7JJ8k\/FEcfAVrKf6uU7CHWMuDpSvWjtQYEvV9cMoDP4zIz5uBNzGTNEAB8QP+U4duw0xthm\/"} +00650{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/mullvad_wireguard.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1690989590945292,"flow_dst_last_pkt_time":1690989591192470,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":138,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":138,"pkt_l4_len":104,"thread_ts_usec":1690989591192470,"pkt":"UqbfQmqILpGu0BOrCABFCAB8BUcAACsRBdbGNoNiwKh6CxPEWEMAaIuGBAAAALBIEBwPAAAAAAAAAAsITpzs3Nqj\/mngBcwLuctA0JbR014xS\/DoFTXDrk8w1scffwPGXVQhk89PWb8vtw+pOPrZNyooWu5tHm9KcXVq4hier14EKnEpPtrq0py+"} +00629{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/mullvad_wireguard.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1690989591192816,"flow_dst_last_pkt_time":1690989591192470,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":122,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":122,"pkt_l4_len":88,"thread_ts_usec":1690989591192816,"pkt":"LpGu0BOrUqbfQmqICABFAABs3hEAAEARGCPAqHoLxjaDYlhDE8QAWIS2BAAAABV2SXkUAAAAAAAAAL8MjKFWP7uP6pyya03XI1qIjbZNSsReHnqhQhpbUmOZN5q0iHBTPminym9OhfX\/ImQvaK\/teAigiILPrpfGBVA="} +01075{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/mullvad_wireguard.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1690989590945292,"flow_src_last_pkt_time":1690989591192816,"flow_dst_last_pkt_time":1690989591192470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":80,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":96,"flow_src_tot_l4_payload_len":176,"flow_dst_tot_l4_payload_len":96,"midstream":0,"thread_ts_usec":1690989591192816,"l3_proto":"ip4","src_ip":"192.168.122.11","dst_ip":"198.54.131.98","src_port":22595,"dst_port":5060,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"WireGuard","proto_id":"206","proto_by_ip":"Mullvad","proto_by_ip_id":348,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}} +00740{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/mullvad_wireguard.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1690989591192829,"flow_dst_last_pkt_time":1690989591192470,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":202,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":202,"pkt_l4_len":168,"thread_ts_usec":1690989591192829,"pkt":"LpGu0BOrUqbfQmqICABFAAC83hIAAEARF9LAqHoLxjaDYlhDE8QAqIUGBAAAABV2SXkVAAAAAAAAAJ2fNtGME5zwSTdTMQkGmaiCH+Wo\/9gCMeD01GNIb8pBUhJF3FFtz4RVJRfxx9PzIa8nYPqq4P5DoSH+YsbbogMXQb97+TfgyZWaD5D38iAu+73Y9mXDRYIdZgkSk3b17pGL+yVTFX7rQWUh\/xcnUYDcXFPo8xpMcVnDhl\/Gv\/0VmzIFSzjVfEcbvM2LkUIVmw=="} +00628{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/mullvad_wireguard.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1690989591192829,"flow_dst_last_pkt_time":1690989591426538,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":122,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":122,"pkt_l4_len":88,"thread_ts_usec":1690989591426538,"pkt":"UqbfQmqILpGu0BOrCABFCABsBWYAACsRBcfGNoNiwKh6CxPEWEMAWOEUBAAAALBIEBwQAAAAAAAAAOmugALEfSDtPyEnUa4GVP4WD6vx6vmcdq74p5uWI8wZndweTg2aIL6E2AQEi74KoRmz+vx\/BmWI2O6toM6+Rk0="} +01118{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/mullvad_wireguard.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":4,"flow_first_seen":1690989590945292,"flow_src_last_pkt_time":1690989591911796,"flow_dst_last_pkt_time":1690989591911742,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":80,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":160,"flow_dst_max_l4_payload_len":672,"flow_src_tot_l4_payload_len":576,"flow_dst_tot_l4_payload_len":928,"midstream":0,"thread_ts_usec":1690989591911796,"l3_proto":"ip4","src_ip":"192.168.122.11","dst_ip":"198.54.131.98","src_port":22595,"dst_port":5060,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"WireGuard","proto_id":"206","proto_by_ip":"Mullvad","proto_by_ip_id":348,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}} +00590{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/mullvad_wireguard.pcap","alias":"nDPId-test","packets-captured":10,"packets-processed":10,"total-skipped-flows":0,"total-l4-payload-len":1504,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":1,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":11,"global_ts_usec":1690989591911796} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 10/10 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1504 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~ total timeout flows.......: 0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 7767066 bytes +~~ total memory freed........: 7767066 bytes +~~ total allocations/frees...: 146382/146382 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ json string min len.......: 523 chars +~~ json string max len.......: 1123 chars +~~ json string avg len.......: 812 chars diff --git a/test/results/default/munin.pcap.out b/test/results/default/munin.pcap.out index dc3f097c3..9d944f338 100644 --- a/test/results/default/munin.pcap.out +++ b/test/results/default/munin.pcap.out @@ -44,9 +44,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7601872 bytes -~~ total memory freed........: 7601872 bytes -~~ total allocations/frees...: 142783/142783 +~~ total memory allocated....: 7774937 bytes +~~ total memory freed........: 7774937 bytes +~~ total allocations/frees...: 146464/146464 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 974 chars diff --git a/test/results/default/mysql-8.pcap.out b/test/results/default/mysql-8.pcap.out index e7516ba2b..fb8af6fad 100644 --- a/test/results/default/mysql-8.pcap.out +++ b/test/results/default/mysql-8.pcap.out @@ -25,9 +25,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596899 bytes -~~ total memory freed........: 7596899 bytes -~~ total allocations/frees...: 142736/142736 +~~ total memory allocated....: 7769916 bytes +~~ total memory freed........: 7769916 bytes +~~ total allocations/frees...: 146417/146417 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 983 chars diff --git a/test/results/default/natpmp.pcap.out b/test/results/default/natpmp.pcap.out index c7e64e70e..4ad7d11a0 100644 --- a/test/results/default/natpmp.pcap.out +++ b/test/results/default/natpmp.pcap.out @@ -35,9 +35,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7600451 bytes -~~ total memory freed........: 7600451 bytes -~~ total allocations/frees...: 142734/142734 +~~ total memory allocated....: 7773516 bytes +~~ total memory freed........: 7773516 bytes +~~ total allocations/frees...: 146415/146415 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 1153 chars diff --git a/test/results/default/nats.pcap.out b/test/results/default/nats.pcap.out index 550467eaa..52087ae71 100644 --- a/test/results/default/nats.pcap.out +++ b/test/results/default/nats.pcap.out @@ -25,9 +25,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7600763 bytes -~~ total memory freed........: 7600763 bytes -~~ total allocations/frees...: 142730/142730 +~~ total memory allocated....: 7773780 bytes +~~ total memory freed........: 7773780 bytes +~~ total allocations/frees...: 146411/146411 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 962 chars diff --git a/test/results/default/ndpi_match_string_subprotocol__error.pcapng.out b/test/results/default/ndpi_match_string_subprotocol__error.pcapng.out index 942652398..5b4cdfe20 100644 --- a/test/results/default/ndpi_match_string_subprotocol__error.pcapng.out +++ b/test/results/default/ndpi_match_string_subprotocol__error.pcapng.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594282 bytes -~~ total memory freed........: 7594282 bytes -~~ total allocations/frees...: 142708/142708 +~~ total memory allocated....: 7767275 bytes +~~ total memory freed........: 7767275 bytes +~~ total allocations/frees...: 146389/146389 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 544 chars ~~ json string max len.......: 2070 chars diff --git a/test/results/default/nest_log_sink.pcap.out b/test/results/default/nest_log_sink.pcap.out index d5b731f54..b97359411 100644 --- a/test/results/default/nest_log_sink.pcap.out +++ b/test/results/default/nest_log_sink.pcap.out @@ -174,9 +174,9 @@ ~~ total active/idle flows...: 17/17 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7674766 bytes -~~ total memory freed........: 7674766 bytes -~~ total allocations/frees...: 143652/143652 +~~ total memory allocated....: 7848143 bytes +~~ total memory freed........: 7848143 bytes +~~ total allocations/frees...: 147333/147333 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 2263 chars diff --git a/test/results/default/netbios.pcap.out b/test/results/default/netbios.pcap.out index f0dfd5165..ea004b07e 100644 --- a/test/results/default/netbios.pcap.out +++ b/test/results/default/netbios.pcap.out @@ -89,9 +89,9 @@ ~~ total active/idle flows...: 15/15 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7632832 bytes -~~ total memory freed........: 7632832 bytes -~~ total allocations/frees...: 143096/143096 +~~ total memory allocated....: 7806161 bytes +~~ total memory freed........: 7806161 bytes +~~ total allocations/frees...: 146777/146777 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2213 chars diff --git a/test/results/default/netbios_wildcard_dns_query.pcap.out b/test/results/default/netbios_wildcard_dns_query.pcap.out index 84b0edab7..17d9adbc0 100644 --- a/test/results/default/netbios_wildcard_dns_query.pcap.out +++ b/test/results/default/netbios_wildcard_dns_query.pcap.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593789 bytes -~~ total memory freed........: 7593789 bytes -~~ total allocations/frees...: 142691/142691 +~~ total memory allocated....: 7766782 bytes +~~ total memory freed........: 7766782 bytes +~~ total allocations/frees...: 146372/146372 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 532 chars ~~ json string max len.......: 1218 chars diff --git a/test/results/default/netflix.pcap.out b/test/results/default/netflix.pcap.out index 08039f71e..b37ab5819 100644 --- a/test/results/default/netflix.pcap.out +++ b/test/results/default/netflix.pcap.out @@ -570,9 +570,9 @@ ~~ total active/idle flows...: 61/61 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8145948 bytes -~~ total memory freed........: 8145948 bytes -~~ total allocations/frees...: 145710/145710 +~~ total memory allocated....: 8320381 bytes +~~ total memory freed........: 8320381 bytes +~~ total allocations/frees...: 149391/149391 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2493 chars diff --git a/test/results/default/netflow-fritz.pcap.out b/test/results/default/netflow-fritz.pcap.out index 7dd9d78b6..6805ecbfd 100644 --- a/test/results/default/netflow-fritz.pcap.out +++ b/test/results/default/netflow-fritz.pcap.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593789 bytes -~~ total memory freed........: 7593789 bytes -~~ total allocations/frees...: 142691/142691 +~~ total memory allocated....: 7766782 bytes +~~ total memory freed........: 7766782 bytes +~~ total allocations/frees...: 146372/146372 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 979 chars diff --git a/test/results/default/netflowv9.pcap.out b/test/results/default/netflowv9.pcap.out index 26561d309..5bd7cb057 100644 --- a/test/results/default/netflowv9.pcap.out +++ b/test/results/default/netflowv9.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594050 bytes -~~ total memory freed........: 7594050 bytes -~~ total allocations/frees...: 142700/142700 +~~ total memory allocated....: 7767043 bytes +~~ total memory freed........: 7767043 bytes +~~ total allocations/frees...: 146381/146381 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2379 chars diff --git a/test/results/default/nfsv2.pcap.out b/test/results/default/nfsv2.pcap.out index b4173f992..af09915dc 100644 --- a/test/results/default/nfsv2.pcap.out +++ b/test/results/default/nfsv2.pcap.out @@ -48,9 +48,9 @@ ~~ total active/idle flows...: 7/7 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7611028 bytes -~~ total memory freed........: 7611028 bytes -~~ total allocations/frees...: 142912/142912 +~~ total memory allocated....: 7784165 bytes +~~ total memory freed........: 7784165 bytes +~~ total allocations/frees...: 146593/146593 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 2246 chars diff --git a/test/results/default/nfsv3.pcap.out b/test/results/default/nfsv3.pcap.out index 7ca9866a1..bfb0631ae 100644 --- a/test/results/default/nfsv3.pcap.out +++ b/test/results/default/nfsv3.pcap.out @@ -53,9 +53,9 @@ ~~ total active/idle flows...: 8/8 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7612340 bytes -~~ total memory freed........: 7612340 bytes -~~ total allocations/frees...: 142895/142895 +~~ total memory allocated....: 7785501 bytes +~~ total memory freed........: 7785501 bytes +~~ total allocations/frees...: 146576/146576 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 2248 chars diff --git a/test/results/default/nintendo.pcap.out b/test/results/default/nintendo.pcap.out index f1319f18c..06dbea668 100644 --- a/test/results/default/nintendo.pcap.out +++ b/test/results/default/nintendo.pcap.out @@ -170,9 +170,9 @@ ~~ total active/idle flows...: 21/21 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7683124 bytes -~~ total memory freed........: 7683124 bytes -~~ total allocations/frees...: 143924/143924 +~~ total memory allocated....: 7856597 bytes +~~ total memory freed........: 7856597 bytes +~~ total allocations/frees...: 147605/147605 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2329 chars diff --git a/test/results/default/nntp.pcap.out b/test/results/default/nntp.pcap.out index 1b73f5d4e..c588807fa 100644 --- a/test/results/default/nntp.pcap.out +++ b/test/results/default/nntp.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596736 bytes -~~ total memory freed........: 7596736 bytes -~~ total allocations/frees...: 142723/142723 +~~ total memory allocated....: 7769729 bytes +~~ total memory freed........: 7769729 bytes +~~ total allocations/frees...: 146404/146404 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2198 chars diff --git a/test/results/default/no_sni.pcap.out b/test/results/default/no_sni.pcap.out index bb35a71df..2e2310ac8 100644 --- a/test/results/default/no_sni.pcap.out +++ b/test/results/default/no_sni.pcap.out @@ -83,9 +83,9 @@ ~~ total active/idle flows...: 8/8 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7667750 bytes -~~ total memory freed........: 7667750 bytes -~~ total allocations/frees...: 143247/143247 +~~ total memory allocated....: 7840911 bytes +~~ total memory freed........: 7840911 bytes +~~ total allocations/frees...: 146928/146928 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2174 chars diff --git a/test/results/default/ocs.pcap.out b/test/results/default/ocs.pcap.out index 7d340626f..f3918b33e 100644 --- a/test/results/default/ocs.pcap.out +++ b/test/results/default/ocs.pcap.out @@ -143,9 +143,9 @@ ~~ total active/idle flows...: 20/20 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7672724 bytes -~~ total memory freed........: 7672724 bytes -~~ total allocations/frees...: 143881/143881 +~~ total memory allocated....: 7846173 bytes +~~ total memory freed........: 7846173 bytes +~~ total allocations/frees...: 147562/147562 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 2379 chars diff --git a/test/results/default/ocsp.pcapng.out b/test/results/default/ocsp.pcapng.out index 12f5ec311..37391da1a 100644 --- a/test/results/default/ocsp.pcapng.out +++ b/test/results/default/ocsp.pcapng.out @@ -99,9 +99,9 @@ ~~ total active/idle flows...: 10/10 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7624567 bytes -~~ total memory freed........: 7624567 bytes -~~ total allocations/frees...: 143190/143190 +~~ total memory allocated....: 7797776 bytes +~~ total memory freed........: 7797776 bytes +~~ total allocations/frees...: 146871/146871 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2301 chars diff --git a/test/results/default/oicq.pcap.out b/test/results/default/oicq.pcap.out index 59bea2018..3197a1871 100644 --- a/test/results/default/oicq.pcap.out +++ b/test/results/default/oicq.pcap.out @@ -152,9 +152,9 @@ ~~ total active/idle flows...: 29/29 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7654073 bytes -~~ total memory freed........: 7654073 bytes -~~ total allocations/frees...: 143027/143027 +~~ total memory allocated....: 7827738 bytes +~~ total memory freed........: 7827738 bytes +~~ total allocations/frees...: 146708/146708 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 1091 chars diff --git a/test/results/default/ookla.pcap.out b/test/results/default/ookla.pcap.out index fc611db23..7d1fa0b80 100644 --- a/test/results/default/ookla.pcap.out +++ b/test/results/default/ookla.pcap.out @@ -61,9 +61,9 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7625096 bytes -~~ total memory freed........: 7625096 bytes -~~ total allocations/frees...: 142877/142877 +~~ total memory allocated....: 7798209 bytes +~~ total memory freed........: 7798209 bytes +~~ total allocations/frees...: 146558/146558 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 1399 chars diff --git a/test/results/default/openvpn.pcap.out b/test/results/default/openvpn.pcap.out index b7ee94a0c..d2c5dd68f 100644 --- a/test/results/default/openvpn.pcap.out +++ b/test/results/default/openvpn.pcap.out @@ -38,9 +38,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7608720 bytes -~~ total memory freed........: 7608720 bytes -~~ total allocations/frees...: 143012/143012 +~~ total memory allocated....: 7781761 bytes +~~ total memory freed........: 7781761 bytes +~~ total allocations/frees...: 146693/146693 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2325 chars diff --git a/test/results/default/oracle12.pcapng.out b/test/results/default/oracle12.pcapng.out index e0ba34d3a..e7b782171 100644 --- a/test/results/default/oracle12.pcapng.out +++ b/test/results/default/oracle12.pcapng.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596388 bytes -~~ total memory freed........: 7596388 bytes -~~ total allocations/frees...: 142711/142711 +~~ total memory allocated....: 7769381 bytes +~~ total memory freed........: 7769381 bytes +~~ total allocations/frees...: 146392/146392 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 949 chars diff --git a/test/results/default/os_detected.pcapng.out b/test/results/default/os_detected.pcapng.out index cca1c6e0b..39c2421b0 100644 --- a/test/results/default/os_detected.pcapng.out +++ b/test/results/default/os_detected.pcapng.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604043 bytes -~~ total memory freed........: 7604043 bytes -~~ total allocations/frees...: 142714/142714 +~~ total memory allocated....: 7777036 bytes +~~ total memory freed........: 7777036 bytes +~~ total allocations/frees...: 146395/146395 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 2231 chars diff --git a/test/results/default/ospfv2_add_new_prefix.pcap.out b/test/results/default/ospfv2_add_new_prefix.pcap.out index 16d344252..295100402 100644 --- a/test/results/default/ospfv2_add_new_prefix.pcap.out +++ b/test/results/default/ospfv2_add_new_prefix.pcap.out @@ -14,9 +14,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593818 bytes -~~ total memory freed........: 7593818 bytes -~~ total allocations/frees...: 142692/142692 +~~ total memory allocated....: 7766811 bytes +~~ total memory freed........: 7766811 bytes +~~ total allocations/frees...: 146373/146373 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 527 chars ~~ json string max len.......: 1068 chars diff --git a/test/results/default/ossfuzz_seed_fake_traces_1.pcapng.out b/test/results/default/ossfuzz_seed_fake_traces_1.pcapng.out index d782dc9cc..902e43149 100644 --- a/test/results/default/ossfuzz_seed_fake_traces_1.pcapng.out +++ b/test/results/default/ossfuzz_seed_fake_traces_1.pcapng.out @@ -65,9 +65,9 @@ ~~ total active/idle flows...: 10/10 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7617665 bytes -~~ total memory freed........: 7617665 bytes -~~ total allocations/frees...: 142818/142818 +~~ total memory allocated....: 7790874 bytes +~~ total memory freed........: 7790874 bytes +~~ total allocations/frees...: 146499/146499 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 523 chars ~~ json string max len.......: 1340 chars diff --git a/test/results/default/ossfuzz_seed_fake_traces_2.pcapng.out b/test/results/default/ossfuzz_seed_fake_traces_2.pcapng.out index 634ff292d..f549976ee 100644 --- a/test/results/default/ossfuzz_seed_fake_traces_2.pcapng.out +++ b/test/results/default/ossfuzz_seed_fake_traces_2.pcapng.out @@ -22,24 +22,33 @@ 00620{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_src_last_pkt_time":1532126321356858,"flow_dst_last_pkt_time":1532126321359376,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":106,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":106,"pkt_l4_len":72,"thread_ts_usec":1532126321359376,"pkt":"Ojbl\/kz4ouY0KRatCABFiABcKjkAAEAR8mEKLXuECpPNKspsqcYASMITAwAAADDQN9gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="} 00619{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":16,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_src_last_pkt_time":1532126321356858,"flow_dst_last_pkt_time":1532126321359376,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":106,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":106,"pkt_l4_len":72,"thread_ts_usec":1532126321359376,"pkt":"Ojblv1r4ouY0lLWDCABFiABcKjkAAEARO7wKCQACCgkAAcpsqcYASMutAwAAANg30DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":16,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1532126321356858,"flow_src_last_pkt_time":1532126321356858,"flow_dst_last_pkt_time":1532126321359376,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":148,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":148,"flow_dst_max_l4_payload_len":64,"flow_src_tot_l4_payload_len":148,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1532126321359376,"l3_proto":"ip4","src_ip":"10.9.0.1","dst_ip":"10.9.0.2","src_port":43462,"dst_port":51820,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"WireGuard","proto_id":"206","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}} -00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":16,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":2,"flow_first_seen":1258844926423672,"flow_src_last_pkt_time":1258844926441100,"flow_dst_last_pkt_time":1258844926440830,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":21,"flow_dst_max_l4_payload_len":124,"flow_src_tot_l4_payload_len":21,"flow_dst_tot_l4_payload_len":124,"midstream":0,"thread_ts_usec":1532126321359376,"l3_proto":"ip4","src_ip":"172.26.235.166","dst_ip":"172.30.92.62","src_port":55630,"dst_port":119,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Usenet","proto_id":"93","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} -00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":16,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":2,"flow_first_seen":1258844926423672,"flow_src_last_pkt_time":1258844926441100,"flow_dst_last_pkt_time":1258844926440830,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":6,"flow_dst_max_l4_payload_len":124,"flow_src_tot_l4_payload_len":6,"flow_dst_tot_l4_payload_len":124,"midstream":0,"thread_ts_usec":1532126321359376,"l3_proto":"ip4","src_ip":"192.168.190.20","dst_ip":"192.168.190.5","src_port":55630,"dst_port":119,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Usenet","proto_id":"93","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} -00964{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":16,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1532126321356858,"flow_src_last_pkt_time":1532126321356858,"flow_dst_last_pkt_time":1532126321359376,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":148,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":148,"flow_dst_max_l4_payload_len":64,"flow_src_tot_l4_payload_len":148,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1532126321359376,"l3_proto":"ip4","src_ip":"10.147.205.42","dst_ip":"10.45.123.132","src_port":43462,"dst_port":51820,"l4_proto":"udp","ndpi": {"confidence": {"1":"Match by port"},"proto":"WireGuard","proto_id":"206","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}} -00806{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":16,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1532126321356858,"flow_src_last_pkt_time":1532126321356858,"flow_dst_last_pkt_time":1532126321359376,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":148,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":148,"flow_dst_max_l4_payload_len":64,"flow_src_tot_l4_payload_len":148,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1532126321359376,"l3_proto":"ip4","src_ip":"10.147.205.42","dst_ip":"10.45.123.132","src_port":43462,"dst_port":51820,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":16,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1532126321356858,"flow_src_last_pkt_time":1532126321356858,"flow_dst_last_pkt_time":1532126321359376,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":148,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":148,"flow_dst_max_l4_payload_len":64,"flow_src_tot_l4_payload_len":148,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1532126321359376,"l3_proto":"ip4","src_ip":"10.9.0.1","dst_ip":"10.9.0.2","src_port":43462,"dst_port":51820,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"WireGuard","proto_id":"206","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}} -00600{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":16,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","packets-captured":16,"packets-processed":16,"total-skipped-flows":0,"total-l4-payload-len":699,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":3,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":4,"total-idle-flows":4,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":30,"global_ts_usec":1532126321359376} +00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":2,"flow_first_seen":1258844926423672,"flow_src_last_pkt_time":1258844926441100,"flow_dst_last_pkt_time":1258844926440830,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":21,"flow_dst_max_l4_payload_len":124,"flow_src_tot_l4_payload_len":21,"flow_dst_tot_l4_payload_len":124,"midstream":0,"thread_ts_usec":1532126321359376,"l3_proto":"ip4","src_ip":"172.26.235.166","dst_ip":"172.30.92.62","src_port":55630,"dst_port":119,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Usenet","proto_id":"93","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} +00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":2,"flow_first_seen":1258844926423672,"flow_src_last_pkt_time":1258844926441100,"flow_dst_last_pkt_time":1258844926440830,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":6,"flow_dst_max_l4_payload_len":124,"flow_src_tot_l4_payload_len":6,"flow_dst_tot_l4_payload_len":124,"midstream":0,"thread_ts_usec":1532126321359376,"l3_proto":"ip4","src_ip":"192.168.190.20","dst_ip":"192.168.190.5","src_port":55630,"dst_port":119,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Usenet","proto_id":"93","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} +00598{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","packets-captured":17,"packets-processed":16,"total-skipped-flows":0,"total-l4-payload-len":699,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":3,"total-detection-updates":0,"total-updates":0,"current-active-flows":2,"total-active-flows":4,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":27,"global_ts_usec":1576629231599706} +00796{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1576629231599706,"flow_src_last_pkt_time":1576629231599706,"flow_dst_last_pkt_time":1576629231599706,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1576629231599706,"l3_proto":"ip4","src_ip":"172.16.20.244","dst_ip":"172.16.20.75","src_port":59038,"dst_port":5432,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00580{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_src_last_pkt_time":1576629231599706,"flow_dst_last_pkt_time":1576629231599706,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1576629231599706,"pkt":"CAAnw1r8CgAnAAAECABFAABAAABAAEAGuVisEBT0rBAUS+aeFThYp3nnAAAAALDC\/\/9fRwAAAgQFtAEDAwYBAQgKmyLsDAAAAAAEAgAA"} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":18,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":2,"flow_src_last_pkt_time":1576629231599706,"flow_dst_last_pkt_time":1576629231600017,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1576629231600017,"pkt":"CgAnAAAECAAnw1r8CABFAAA8AABAAEAGuVysEBRLrBAU9BU45p59bstLWKd56KBScSDq+wAAAgQFtAQCCApyjFlXmyLsDAEDAwc="} +00562{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":19,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":3,"flow_src_last_pkt_time":1576629231600054,"flow_dst_last_pkt_time":1576629231600017,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1576629231600054,"pkt":"CAAnw1r8CgAnAAAECABFAAA0AABAAEAGuWSsEBT0rBAUS+aeFThYp3nofW7LTIAQCAqDHgAAAQEICpsi7AxyjFlX"} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":20,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":4,"flow_src_last_pkt_time":1576629231617811,"flow_dst_last_pkt_time":1576629231600017,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1576629231617811,"pkt":"CAAnw1r8CgAnAAAECABFAgA8AABAAEAGuVqsEBT0rBAUS+aeFThYp3nofW7LTIAYCApn8gAAAQEICpsi7B5yjFlXAAAACATSFjA="} +00562{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":5,"flow_src_last_pkt_time":1576629231617811,"flow_dst_last_pkt_time":1576629231618077,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1576629231618077,"pkt":"CgAnAAAECAAnw1r8CABFAAA0khtAAEAGJ0msEBRLrBAU9BU45p59bstMWKd58IAQAOOKGQAAAQEICnKMWWmbIuwe"} +00952{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1576629231599706,"flow_src_last_pkt_time":1576629231617811,"flow_dst_last_pkt_time":1576629231618351,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":8,"flow_dst_max_l4_payload_len":1,"flow_src_tot_l4_payload_len":8,"flow_dst_tot_l4_payload_len":1,"midstream":0,"thread_ts_usec":1576629231618351,"l3_proto":"ip4","src_ip":"172.16.20.244","dst_ip":"172.16.20.75","src_port":59038,"dst_port":5432,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"PostgreSQL","proto_id":"19","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":11,"category":"Database"}} +00964{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1532126321356858,"flow_src_last_pkt_time":1532126321356858,"flow_dst_last_pkt_time":1532126321359376,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":148,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":148,"flow_dst_max_l4_payload_len":64,"flow_src_tot_l4_payload_len":148,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1576629231620123,"l3_proto":"ip4","src_ip":"10.147.205.42","dst_ip":"10.45.123.132","src_port":43462,"dst_port":51820,"l4_proto":"udp","ndpi": {"confidence": {"1":"Match by port"},"proto":"WireGuard","proto_id":"206","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}} +00806{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1532126321356858,"flow_src_last_pkt_time":1532126321356858,"flow_dst_last_pkt_time":1532126321359376,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":148,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":148,"flow_dst_max_l4_payload_len":64,"flow_src_tot_l4_payload_len":148,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1576629231620123,"l3_proto":"ip4","src_ip":"10.147.205.42","dst_ip":"10.45.123.132","src_port":43462,"dst_port":51820,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00990{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":4,"flow_first_seen":1576629231599706,"flow_src_last_pkt_time":1576629231620123,"flow_dst_last_pkt_time":1576629231620055,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":8,"flow_dst_max_l4_payload_len":1,"flow_src_tot_l4_payload_len":8,"flow_dst_tot_l4_payload_len":1,"midstream":0,"thread_ts_usec":1576629231620123,"l3_proto":"ip4","src_ip":"172.16.20.244","dst_ip":"172.16.20.75","src_port":59038,"dst_port":5432,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"PostgreSQL","proto_id":"19","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":11,"category":"Database"}} +00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1532126321356858,"flow_src_last_pkt_time":1532126321356858,"flow_dst_last_pkt_time":1532126321359376,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":148,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":148,"flow_dst_max_l4_payload_len":64,"flow_src_tot_l4_payload_len":148,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1576629231620123,"l3_proto":"ip4","src_ip":"10.9.0.1","dst_ip":"10.9.0.2","src_port":43462,"dst_port":51820,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"WireGuard","proto_id":"206","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}} +00600{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/ossfuzz_seed_fake_traces_2.pcapng","alias":"nDPId-test","packets-captured":26,"packets-processed":26,"total-skipped-flows":0,"total-l4-payload-len":708,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":4,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":5,"total-idle-flows":5,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":39,"global_ts_usec":1576629231620123} ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ -~~ packets captured/processed: 16/16 +~~ packets captured/processed: 26/26 ~~ skipped flows.............: 0 -~~ total layer4 data length..: 699 bytes -~~ total detected protocols..: 3 -~~ total active/idle flows...: 4/4 -~~ total timeout flows.......: 0 +~~ total layer4 data length..: 708 bytes +~~ total detected protocols..: 4 +~~ total active/idle flows...: 5/5 +~~ total timeout flows.......: 1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604692 bytes -~~ total memory freed........: 7604692 bytes -~~ total allocations/frees...: 142741/142741 +~~ total memory allocated....: 7782243 bytes +~~ total memory freed........: 7782243 bytes +~~ total allocations/frees...: 146444/146444 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 534 chars -~~ json string max len.......: 992 chars -~~ json string avg len.......: 762 chars +~~ json string max len.......: 995 chars +~~ json string avg len.......: 763 chars diff --git a/test/results/default/ossfuzz_seed_fake_traces_3.pcapng.out b/test/results/default/ossfuzz_seed_fake_traces_3.pcapng.out index d35881f4d..572660b0b 100644 --- a/test/results/default/ossfuzz_seed_fake_traces_3.pcapng.out +++ b/test/results/default/ossfuzz_seed_fake_traces_3.pcapng.out @@ -16,9 +16,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593908 bytes -~~ total memory freed........: 7593908 bytes -~~ total allocations/frees...: 142696/142696 +~~ total memory allocated....: 7766901 bytes +~~ total memory freed........: 7766901 bytes +~~ total allocations/frees...: 146377/146377 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 534 chars ~~ json string max len.......: 950 chars diff --git a/test/results/default/ossfuzz_seed_fake_traces_4.pcapng.out b/test/results/default/ossfuzz_seed_fake_traces_4.pcapng.out index 63a5ac623..3249ce3a4 100644 --- a/test/results/default/ossfuzz_seed_fake_traces_4.pcapng.out +++ b/test/results/default/ossfuzz_seed_fake_traces_4.pcapng.out @@ -14,9 +14,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593818 bytes -~~ total memory freed........: 7593818 bytes -~~ total allocations/frees...: 142692/142692 +~~ total memory allocated....: 7766811 bytes +~~ total memory freed........: 7766811 bytes +~~ total allocations/frees...: 146373/146373 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 522 chars ~~ json string max len.......: 877 chars diff --git a/test/results/default/pgm.pcap.out b/test/results/default/pgm.pcap.out index 0bde234e4..bcc8201d3 100644 --- a/test/results/default/pgm.pcap.out +++ b/test/results/default/pgm.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7622732 bytes -~~ total memory freed........: 7622732 bytes -~~ total allocations/frees...: 143689/143689 +~~ total memory allocated....: 7795725 bytes +~~ total memory freed........: 7795725 bytes +~~ total allocations/frees...: 147370/147370 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 2252 chars diff --git a/test/results/default/pgsql.pcap.out b/test/results/default/pgsql.pcap.out index e974e38d3..dc6dc862e 100644 --- a/test/results/default/pgsql.pcap.out +++ b/test/results/default/pgsql.pcap.out @@ -58,9 +58,9 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7619220 bytes -~~ total memory freed........: 7619220 bytes -~~ total allocations/frees...: 142839/142839 +~~ total memory allocated....: 7792333 bytes +~~ total memory freed........: 7792333 bytes +~~ total allocations/frees...: 146520/146520 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 982 chars diff --git a/test/results/default/pim.pcap.out b/test/results/default/pim.pcap.out index ab0d5691b..1fc5e4f77 100644 --- a/test/results/default/pim.pcap.out +++ b/test/results/default/pim.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594022 bytes -~~ total memory freed........: 7594022 bytes -~~ total allocations/frees...: 142699/142699 +~~ total memory allocated....: 7767015 bytes +~~ total memory freed........: 7767015 bytes +~~ total allocations/frees...: 146380/146380 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 936 chars diff --git a/test/results/default/pinterest.pcap.out b/test/results/default/pinterest.pcap.out index f32a99165..b6530caf5 100644 --- a/test/results/default/pinterest.pcap.out +++ b/test/results/default/pinterest.pcap.out @@ -306,9 +306,9 @@ ~~ total active/idle flows...: 37/37 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8769512 bytes -~~ total memory freed........: 8769512 bytes -~~ total allocations/frees...: 145240/145240 +~~ total memory allocated....: 8943369 bytes +~~ total memory freed........: 8943369 bytes +~~ total allocations/frees...: 148921/148921 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 3531 chars diff --git a/test/results/default/pluralsight.pcap.out b/test/results/default/pluralsight.pcap.out index d6e30c897..122d250c7 100644 --- a/test/results/default/pluralsight.pcap.out +++ b/test/results/default/pluralsight.pcap.out @@ -65,9 +65,9 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7664002 bytes -~~ total memory freed........: 7664002 bytes -~~ total allocations/frees...: 142845/142845 +~~ total memory allocated....: 7837115 bytes +~~ total memory freed........: 7837115 bytes +~~ total allocations/frees...: 146526/146526 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 517 chars ~~ json string max len.......: 2523 chars diff --git a/test/results/default/pop3.pcap.out b/test/results/default/pop3.pcap.out index 6cb9d79a7..702151fa7 100644 --- a/test/results/default/pop3.pcap.out +++ b/test/results/default/pop3.pcap.out @@ -59,9 +59,9 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7620915 bytes -~~ total memory freed........: 7620915 bytes -~~ total allocations/frees...: 142897/142897 +~~ total memory allocated....: 7794028 bytes +~~ total memory freed........: 7794028 bytes +~~ total allocations/frees...: 146578/146578 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2298 chars diff --git a/test/results/default/pop3_stls.pcap.out b/test/results/default/pop3_stls.pcap.out index 6f452e614..836858ad4 100644 --- a/test/results/default/pop3_stls.pcap.out +++ b/test/results/default/pop3_stls.pcap.out @@ -22,9 +22,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7613562 bytes -~~ total memory freed........: 7613562 bytes -~~ total allocations/frees...: 142754/142754 +~~ total memory allocated....: 7786555 bytes +~~ total memory freed........: 7786555 bytes +~~ total allocations/frees...: 146435/146435 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2022 chars diff --git a/test/results/default/pops.pcapng.out b/test/results/default/pops.pcapng.out index a438e8139..5c39c212f 100644 --- a/test/results/default/pops.pcapng.out +++ b/test/results/default/pops.pcapng.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7600432 bytes -~~ total memory freed........: 7600432 bytes -~~ total allocations/frees...: 142699/142699 +~~ total memory allocated....: 7773425 bytes +~~ total memory freed........: 7773425 bytes +~~ total allocations/frees...: 146380/146380 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2228 chars diff --git a/test/results/default/pps.pcap.out b/test/results/default/pps.pcap.out index e33288f92..711a47c96 100644 --- a/test/results/default/pps.pcap.out +++ b/test/results/default/pps.pcap.out @@ -667,9 +667,9 @@ ~~ total active/idle flows...: 107/107 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7900071 bytes -~~ total memory freed........: 7900071 bytes -~~ total allocations/frees...: 146219/146219 +~~ total memory allocated....: 8075608 bytes +~~ total memory freed........: 8075608 bytes +~~ total allocations/frees...: 149900/149900 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 2351 chars diff --git a/test/results/default/pptp.pcap.out b/test/results/default/pptp.pcap.out index 6f0f5f3ea..68ffd363c 100644 --- a/test/results/default/pptp.pcap.out +++ b/test/results/default/pptp.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596504 bytes -~~ total memory freed........: 7596504 bytes -~~ total allocations/frees...: 142715/142715 +~~ total memory allocated....: 7769497 bytes +~~ total memory freed........: 7769497 bytes +~~ total allocations/frees...: 146396/146396 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 970 chars diff --git a/test/results/default/protonvpn.pcap.out b/test/results/default/protonvpn.pcap.out index f8ca28c7f..f1e969167 100644 --- a/test/results/default/protonvpn.pcap.out +++ b/test/results/default/protonvpn.pcap.out @@ -15,20 +15,25 @@ 00530{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":29,"source":"cfgs\/default\/pcap\/protonvpn.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_src_last_pkt_time":50921855,"flow_dst_last_pkt_time":50921032,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":50921855,"pkt":"UlQAEjUCCAAns+YuCABFAAA8ggNAAEAR0DsKAAIP2RcDTOFlAbsAKDHlBAAAAFqA0k4AAAAAAAAAALO1qui1E3gr64yba6DzHY0="} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/protonvpn.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":4,"flow_src_last_pkt_time":50923026,"flow_dst_last_pkt_time":50921032,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":154,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":154,"pkt_l4_len":120,"thread_ts_usec":50923026,"pkt":"UlQAEjUCCAAns+YuCABFAACMggRAAEARz+oKAAIP2RcDTOFlAbsAeC0gBAAAAFqA0k4BAAAAAAAAAF4\/Rs\/bZ5rJgjR49A7fwbBmyr\/63WBJDwuVnzl4A4pXfnPOZYLKRVrAFPmUTxZtFFUY\/ygw5snpyOqRAP6xav5VAHNARAiOiRt60FdTFozGozRICRBukHLcFDs4iULCdA=="} 00641{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":31,"source":"cfgs\/default\/pcap\/protonvpn.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":5,"flow_src_last_pkt_time":50926430,"flow_dst_last_pkt_time":50921032,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":154,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":154,"pkt_l4_len":120,"thread_ts_usec":50926430,"pkt":"UlQAEjUCCAAns+YuCABFAACMggdAAEARz+cKAAIP2RcDTOFlAbsAeBOmBAAAAFqA0k4CAAAAAAAAAD+yacW+Jee9sR0ypoOh8MaQ9gxbsztxJ2kZqazGAeL5NW1pKQLnHbPaHw3gPyLDD2rfIVvAXcZtIMwiZTZxrxOlD0VgEqedFRP3HFFojGTkub8sZpeXm7iOxsEEbnhzOQ=="} -01072{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/protonvpn.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":5,"flow_first_seen":50897445,"flow_src_last_pkt_time":50986726,"flow_dst_last_pkt_time":50986365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":148,"flow_dst_max_l4_payload_len":176,"flow_src_tot_l4_payload_len":868,"flow_dst_tot_l4_payload_len":604,"midstream":0,"thread_ts_usec":50986726,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"217.23.3.76","src_port":57701,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"WireGuard","proto_id":"206","proto_by_ip":"ProtonVPN","proto_by_ip_id":344,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}} -00756{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/protonvpn.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":14,"flow_first_seen":34930679,"flow_src_last_pkt_time":35025668,"flow_dst_last_pkt_time":35025741,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":756,"flow_dst_tot_l4_payload_len":5847,"midstream":0,"thread_ts_usec":50986726,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.159.159.148","src_port":37810,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00574{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/protonvpn.pcap","alias":"nDPId-test","packets-captured":40,"packets-processed":40,"total-skipped-flows":0,"total-l4-payload-len":8075,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":2,"total-detection-updates":2,"total-updates":0,"current-active-flows":0,"total-active-flows":2,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":20,"global_ts_usec":50986726} +00580{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/protonvpn.pcap","alias":"nDPId-test","packets-captured":41,"packets-processed":40,"total-skipped-flows":0,"total-l4-payload-len":8075,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":2,"total-detection-updates":2,"total-updates":0,"current-active-flows":2,"total-active-flows":2,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":18,"global_ts_usec":1690392292895682} +00769{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/protonvpn.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690392292895682,"flow_src_last_pkt_time":1690392292895682,"flow_dst_last_pkt_time":1690392292895682,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690392292895682,"l3_proto":"ip4","src_ip":"2.58.241.67","dst_ip":"8.8.8.8","src_port":37710,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/protonvpn.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1690392292895682,"flow_dst_last_pkt_time":1690392292895682,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1690392292895682,"pkt":"ILAB6wYYNObX3kTiCABFAAA8lQ9AAEAGoh8COvFDCAgICJNOAbuMC89NAAAAAKAC+vAL\/QAAAgQFtAQCCApqQ+LfAAAAAAEDAwc="} +01080{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/protonvpn.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":5,"flow_first_seen":50897445,"flow_src_last_pkt_time":50986726,"flow_dst_last_pkt_time":50986365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":148,"flow_dst_max_l4_payload_len":176,"flow_src_tot_l4_payload_len":868,"flow_dst_tot_l4_payload_len":604,"midstream":0,"thread_ts_usec":1690392292895682,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"217.23.3.76","src_port":57701,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"WireGuard","proto_id":"206","proto_by_ip":"ProtonVPN","proto_by_ip_id":344,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}} +00764{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/protonvpn.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":14,"flow_first_seen":34930679,"flow_src_last_pkt_time":35025668,"flow_dst_last_pkt_time":35025741,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":756,"flow_dst_tot_l4_payload_len":5847,"midstream":0,"thread_ts_usec":1690392292895682,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.159.159.148","src_port":37810,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +01152{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/protonvpn.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690392292895682,"flow_src_last_pkt_time":1690392292895682,"flow_dst_last_pkt_time":1690392292895682,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690392292895682,"l3_proto":"ip4","src_ip":"2.58.241.67","dst_ip":"8.8.8.8","src_port":37710,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"45": {"risk":"Anonymous Subscriber","severity":"Medium","risk_score": {"total":360,"client":300,"server":60}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} +00770{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/protonvpn.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690392292895682,"flow_src_last_pkt_time":1690392292895682,"flow_dst_last_pkt_time":1690392292895682,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690392292895682,"l3_proto":"ip4","src_ip":"2.58.241.67","dst_ip":"8.8.8.8","src_port":37710,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00582{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/protonvpn.pcap","alias":"nDPId-test","packets-captured":41,"packets-processed":41,"total-skipped-flows":0,"total-l4-payload-len":8075,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":2,"total-detection-updates":2,"total-updates":0,"current-active-flows":0,"total-active-flows":3,"total-idle-flows":3,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":25,"global_ts_usec":1690392292895682} ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ -~~ packets captured/processed: 40/40 +~~ packets captured/processed: 41/41 ~~ skipped flows.............: 0 ~~ total layer4 data length..: 8075 bytes ~~ total detected protocols..: 2 -~~ total active/idle flows...: 2/2 +~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7613687 bytes -~~ total memory freed........: 7613687 bytes -~~ total allocations/frees...: 142757/142757 +~~ total memory allocated....: 7788881 bytes +~~ total memory freed........: 7788881 bytes +~~ total allocations/frees...: 146450/146450 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 1527 chars diff --git a/test/results/default/psiphon3.pcap.out b/test/results/default/psiphon3.pcap.out index 0189efc83..3df09bb33 100644 --- a/test/results/default/psiphon3.pcap.out +++ b/test/results/default/psiphon3.pcap.out @@ -21,9 +21,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7602278 bytes -~~ total memory freed........: 7602278 bytes -~~ total allocations/frees...: 142763/142763 +~~ total memory allocated....: 7775271 bytes +~~ total memory freed........: 7775271 bytes +~~ total allocations/frees...: 146444/146444 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 1961 chars diff --git a/test/results/default/punycode-idn.pcap.out b/test/results/default/punycode-idn.pcap.out index d58709c03..b143875b6 100644 --- a/test/results/default/punycode-idn.pcap.out +++ b/test/results/default/punycode-idn.pcap.out @@ -29,9 +29,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7598601 bytes -~~ total memory freed........: 7598601 bytes -~~ total allocations/frees...: 142735/142735 +~~ total memory allocated....: 7771642 bytes +~~ total memory freed........: 7771642 bytes +~~ total allocations/frees...: 146416/146416 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 518 chars ~~ json string max len.......: 1298 chars diff --git a/test/results/default/quic-23.pcap.out b/test/results/default/quic-23.pcap.out index 5cf2e75d9..3df0aa9a7 100644 --- a/test/results/default/quic-23.pcap.out +++ b/test/results/default/quic-23.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604522 bytes -~~ total memory freed........: 7604522 bytes -~~ total allocations/frees...: 142731/142731 +~~ total memory allocated....: 7777515 bytes +~~ total memory freed........: 7777515 bytes +~~ total allocations/frees...: 146412/146412 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2282 chars diff --git a/test/results/default/quic-24.pcap.out b/test/results/default/quic-24.pcap.out index bc8fd709e..9028014d3 100644 --- a/test/results/default/quic-24.pcap.out +++ b/test/results/default/quic-24.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604303 bytes -~~ total memory freed........: 7604303 bytes -~~ total allocations/frees...: 142726/142726 +~~ total memory allocated....: 7777296 bytes +~~ total memory freed........: 7777296 bytes +~~ total allocations/frees...: 146407/146407 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2215 chars diff --git a/test/results/default/quic-27.pcap.out b/test/results/default/quic-27.pcap.out index 385421bd6..e01d113a7 100644 --- a/test/results/default/quic-27.pcap.out +++ b/test/results/default/quic-27.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604684 bytes -~~ total memory freed........: 7604684 bytes -~~ total allocations/frees...: 142732/142732 +~~ total memory allocated....: 7777677 bytes +~~ total memory freed........: 7777677 bytes +~~ total allocations/frees...: 146413/146413 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2355 chars diff --git a/test/results/default/quic-28.pcap.out b/test/results/default/quic-28.pcap.out index fca2d3918..b606b6117 100644 --- a/test/results/default/quic-28.pcap.out +++ b/test/results/default/quic-28.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7611106 bytes -~~ total memory freed........: 7611106 bytes -~~ total allocations/frees...: 142964/142964 +~~ total memory allocated....: 7784099 bytes +~~ total memory freed........: 7784099 bytes +~~ total allocations/frees...: 146645/146645 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2266 chars diff --git a/test/results/default/quic-29.pcap.out b/test/results/default/quic-29.pcap.out index 238d939a9..056fb6cec 100644 --- a/test/results/default/quic-29.pcap.out +++ b/test/results/default/quic-29.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604303 bytes -~~ total memory freed........: 7604303 bytes -~~ total allocations/frees...: 142726/142726 +~~ total memory allocated....: 7777296 bytes +~~ total memory freed........: 7777296 bytes +~~ total allocations/frees...: 146407/146407 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2220 chars diff --git a/test/results/default/quic-33.pcapng.out b/test/results/default/quic-33.pcapng.out index 0db58da58..c79a57094 100644 --- a/test/results/default/quic-33.pcapng.out +++ b/test/results/default/quic-33.pcapng.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604137 bytes -~~ total memory freed........: 7604137 bytes -~~ total allocations/frees...: 142718/142718 +~~ total memory allocated....: 7777130 bytes +~~ total memory freed........: 7777130 bytes +~~ total allocations/frees...: 146399/146399 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2513 chars diff --git a/test/results/default/quic-34.pcap.out b/test/results/default/quic-34.pcap.out index f96829672..24e5bd2b8 100644 --- a/test/results/default/quic-34.pcap.out +++ b/test/results/default/quic-34.pcap.out @@ -16,9 +16,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604152 bytes -~~ total memory freed........: 7604152 bytes -~~ total allocations/frees...: 142715/142715 +~~ total memory allocated....: 7777145 bytes +~~ total memory freed........: 7777145 bytes +~~ total allocations/frees...: 146396/146396 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2460 chars diff --git a/test/results/default/quic-forcing-vn-with-data.pcapng.out b/test/results/default/quic-forcing-vn-with-data.pcapng.out index 73cae8d64..1d831001b 100644 --- a/test/results/default/quic-forcing-vn-with-data.pcapng.out +++ b/test/results/default/quic-forcing-vn-with-data.pcapng.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7602725 bytes -~~ total memory freed........: 7602725 bytes -~~ total allocations/frees...: 142732/142732 +~~ total memory allocated....: 7775718 bytes +~~ total memory freed........: 7775718 bytes +~~ total allocations/frees...: 146413/146413 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 533 chars ~~ json string max len.......: 2149 chars diff --git a/test/results/default/quic-fuzz-overflow.pcapng.out b/test/results/default/quic-fuzz-overflow.pcapng.out index 991325182..06a86649f 100644 --- a/test/results/default/quic-fuzz-overflow.pcapng.out +++ b/test/results/default/quic-fuzz-overflow.pcapng.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593761 bytes -~~ total memory freed........: 7593761 bytes -~~ total allocations/frees...: 142690/142690 +~~ total memory allocated....: 7766754 bytes +~~ total memory freed........: 7766754 bytes +~~ total allocations/frees...: 146371/146371 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 526 chars ~~ json string max len.......: 3094 chars diff --git a/test/results/default/quic-mvfst-22.pcap.out b/test/results/default/quic-mvfst-22.pcap.out index 1e410443c..80ad3bd3e 100644 --- a/test/results/default/quic-mvfst-22.pcap.out +++ b/test/results/default/quic-mvfst-22.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7618091 bytes -~~ total memory freed........: 7618091 bytes -~~ total allocations/frees...: 143201/143201 +~~ total memory allocated....: 7791084 bytes +~~ total memory freed........: 7791084 bytes +~~ total allocations/frees...: 146882/146882 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 2292 chars diff --git a/test/results/default/quic-mvfst-22_decryption_error.pcap.out b/test/results/default/quic-mvfst-22_decryption_error.pcap.out index 70dd0b1c3..ee50ec23c 100644 --- a/test/results/default/quic-mvfst-22_decryption_error.pcap.out +++ b/test/results/default/quic-mvfst-22_decryption_error.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604159 bytes -~~ total memory freed........: 7604159 bytes -~~ total allocations/frees...: 142720/142720 +~~ total memory allocated....: 7777152 bytes +~~ total memory freed........: 7777152 bytes +~~ total allocations/frees...: 146401/146401 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 536 chars ~~ json string max len.......: 2187 chars diff --git a/test/results/default/quic-mvfst-27.pcapng.out b/test/results/default/quic-mvfst-27.pcapng.out index 4755ce7ea..7087c5b62 100644 --- a/test/results/default/quic-mvfst-27.pcapng.out +++ b/test/results/default/quic-mvfst-27.pcapng.out @@ -16,9 +16,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604451 bytes -~~ total memory freed........: 7604451 bytes -~~ total allocations/frees...: 142731/142731 +~~ total memory allocated....: 7777444 bytes +~~ total memory freed........: 7777444 bytes +~~ total allocations/frees...: 146412/146412 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 521 chars ~~ json string max len.......: 2275 chars diff --git a/test/results/default/quic-mvfst-exp.pcap.out b/test/results/default/quic-mvfst-exp.pcap.out index d9d937f05..ab917c5ae 100644 --- a/test/results/default/quic-mvfst-exp.pcap.out +++ b/test/results/default/quic-mvfst-exp.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604744 bytes -~~ total memory freed........: 7604744 bytes -~~ total allocations/frees...: 142741/142741 +~~ total memory allocated....: 7777737 bytes +~~ total memory freed........: 7777737 bytes +~~ total allocations/frees...: 146422/146422 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 520 chars ~~ json string max len.......: 2229 chars diff --git a/test/results/default/quic-v2.pcapng.out b/test/results/default/quic-v2.pcapng.out index c66fbe39d..f5163bd8d 100644 --- a/test/results/default/quic-v2.pcapng.out +++ b/test/results/default/quic-v2.pcapng.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7602942 bytes -~~ total memory freed........: 7602942 bytes -~~ total allocations/frees...: 142730/142730 +~~ total memory allocated....: 7775935 bytes +~~ total memory freed........: 7775935 bytes +~~ total allocations/frees...: 146411/146411 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 3324 chars diff --git a/test/results/default/quic.pcap.out b/test/results/default/quic.pcap.out index 2339cb479..21df2bf6a 100644 --- a/test/results/default/quic.pcap.out +++ b/test/results/default/quic.pcap.out @@ -86,9 +86,9 @@ ~~ total active/idle flows...: 10/10 ~~ total timeout flows.......: 1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7628155 bytes -~~ total memory freed........: 7628155 bytes -~~ total allocations/frees...: 143315/143315 +~~ total memory allocated....: 7801364 bytes +~~ total memory freed........: 7801364 bytes +~~ total allocations/frees...: 146996/146996 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2348 chars diff --git a/test/results/default/quic046.pcap.out b/test/results/default/quic046.pcap.out index b5b41da28..b0b881bad 100644 --- a/test/results/default/quic046.pcap.out +++ b/test/results/default/quic046.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596708 bytes -~~ total memory freed........: 7596708 bytes -~~ total allocations/frees...: 142791/142791 +~~ total memory allocated....: 7769701 bytes +~~ total memory freed........: 7769701 bytes +~~ total allocations/frees...: 146472/146472 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2324 chars diff --git a/test/results/default/quic_0RTT.pcap.out b/test/results/default/quic_0RTT.pcap.out index 6dc17c9fa..badec1742 100644 --- a/test/results/default/quic_0RTT.pcap.out +++ b/test/results/default/quic_0RTT.pcap.out @@ -23,9 +23,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7619732 bytes -~~ total memory freed........: 7619732 bytes -~~ total allocations/frees...: 142762/142762 +~~ total memory allocated....: 7792749 bytes +~~ total memory freed........: 7792749 bytes +~~ total allocations/frees...: 146443/146443 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2215 chars diff --git a/test/results/default/quic_cc_ack.pcapng.out b/test/results/default/quic_cc_ack.pcapng.out index 34954b7a1..4a7e9cb28 100644 --- a/test/results/default/quic_cc_ack.pcapng.out +++ b/test/results/default/quic_cc_ack.pcapng.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7616576 bytes -~~ total memory freed........: 7616576 bytes -~~ total allocations/frees...: 142741/142741 +~~ total memory allocated....: 7789593 bytes +~~ total memory freed........: 7789593 bytes +~~ total allocations/frees...: 146422/146422 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 2352 chars diff --git a/test/results/default/quic_crypto_aes_auth_size.pcap.out b/test/results/default/quic_crypto_aes_auth_size.pcap.out index 0a42a09bc..8bf952b75 100644 --- a/test/results/default/quic_crypto_aes_auth_size.pcap.out +++ b/test/results/default/quic_crypto_aes_auth_size.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7620882 bytes -~~ total memory freed........: 7620882 bytes -~~ total allocations/frees...: 142747/142747 +~~ total memory allocated....: 7793899 bytes +~~ total memory freed........: 7793899 bytes +~~ total allocations/frees...: 146428/146428 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 531 chars ~~ json string max len.......: 2366 chars diff --git a/test/results/default/quic_frags_ch_in_multiple_packets.pcapng.out b/test/results/default/quic_frags_ch_in_multiple_packets.pcapng.out index 68e32b4aa..a9692443e 100644 --- a/test/results/default/quic_frags_ch_in_multiple_packets.pcapng.out +++ b/test/results/default/quic_frags_ch_in_multiple_packets.pcapng.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7618790 bytes -~~ total memory freed........: 7618790 bytes -~~ total allocations/frees...: 142736/142736 +~~ total memory allocated....: 7791783 bytes +~~ total memory freed........: 7791783 bytes +~~ total allocations/frees...: 146417/146417 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 541 chars ~~ json string max len.......: 2262 chars diff --git a/test/results/default/quic_frags_ch_out_of_order_same_packet_craziness.pcapng.out b/test/results/default/quic_frags_ch_out_of_order_same_packet_craziness.pcapng.out index 18e0bd66b..3319e7379 100644 --- a/test/results/default/quic_frags_ch_out_of_order_same_packet_craziness.pcapng.out +++ b/test/results/default/quic_frags_ch_out_of_order_same_packet_craziness.pcapng.out @@ -673,9 +673,9 @@ ~~ total active/idle flows...: 113/113 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 9528521 bytes -~~ total memory freed........: 9528521 bytes -~~ total allocations/frees...: 146809/146809 +~~ total memory allocated....: 9704202 bytes +~~ total memory freed........: 9704202 bytes +~~ total allocations/frees...: 150490/150490 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 556 chars ~~ json string max len.......: 2404 chars diff --git a/test/results/default/quic_interop_V.pcapng.out b/test/results/default/quic_interop_V.pcapng.out index 5ed43c11e..3bd05a4ae 100644 --- a/test/results/default/quic_interop_V.pcapng.out +++ b/test/results/default/quic_interop_V.pcapng.out @@ -447,9 +447,9 @@ ~~ total active/idle flows...: 77/77 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7762396 bytes -~~ total memory freed........: 7762396 bytes -~~ total allocations/frees...: 143778/143778 +~~ total memory allocated....: 7937213 bytes +~~ total memory freed........: 7937213 bytes +~~ total allocations/frees...: 147459/147459 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 522 chars ~~ json string max len.......: 2241 chars diff --git a/test/results/default/quic_q39.pcap.out b/test/results/default/quic_q39.pcap.out index cbfab0894..96831f3ad 100644 --- a/test/results/default/quic_q39.pcap.out +++ b/test/results/default/quic_q39.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7595546 bytes -~~ total memory freed........: 7595546 bytes -~~ total allocations/frees...: 142751/142751 +~~ total memory allocated....: 7768539 bytes +~~ total memory freed........: 7768539 bytes +~~ total allocations/frees...: 146432/146432 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2352 chars diff --git a/test/results/default/quic_q43.pcap.out b/test/results/default/quic_q43.pcap.out index 942e912b9..eeeb93092 100644 --- a/test/results/default/quic_q43.pcap.out +++ b/test/results/default/quic_q43.pcap.out @@ -14,9 +14,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593818 bytes -~~ total memory freed........: 7593818 bytes -~~ total allocations/frees...: 142692/142692 +~~ total memory allocated....: 7766811 bytes +~~ total memory freed........: 7766811 bytes +~~ total allocations/frees...: 146373/146373 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2323 chars diff --git a/test/results/default/quic_q46.pcap.out b/test/results/default/quic_q46.pcap.out index b0627fa2e..748d65c17 100644 --- a/test/results/default/quic_q46.pcap.out +++ b/test/results/default/quic_q46.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594384 bytes -~~ total memory freed........: 7594384 bytes -~~ total allocations/frees...: 142711/142711 +~~ total memory allocated....: 7767377 bytes +~~ total memory freed........: 7767377 bytes +~~ total allocations/frees...: 146392/146392 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2350 chars diff --git a/test/results/default/quic_q46_b.pcap.out b/test/results/default/quic_q46_b.pcap.out index 35219611b..ba5fff00e 100644 --- a/test/results/default/quic_q46_b.pcap.out +++ b/test/results/default/quic_q46_b.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594386 bytes -~~ total memory freed........: 7594386 bytes -~~ total allocations/frees...: 142711/142711 +~~ total memory allocated....: 7767379 bytes +~~ total memory freed........: 7767379 bytes +~~ total allocations/frees...: 146392/146392 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 2419 chars diff --git a/test/results/default/quic_q50.pcap.out b/test/results/default/quic_q50.pcap.out index 69f5ba6b4..2a7e045e9 100644 --- a/test/results/default/quic_q50.pcap.out +++ b/test/results/default/quic_q50.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604701 bytes -~~ total memory freed........: 7604701 bytes -~~ total allocations/frees...: 142730/142730 +~~ total memory allocated....: 7777694 bytes +~~ total memory freed........: 7777694 bytes +~~ total allocations/frees...: 146411/146411 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2350 chars diff --git a/test/results/default/quic_t50.pcap.out b/test/results/default/quic_t50.pcap.out index f59c64e1e..7c68b131b 100644 --- a/test/results/default/quic_t50.pcap.out +++ b/test/results/default/quic_t50.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604488 bytes -~~ total memory freed........: 7604488 bytes -~~ total allocations/frees...: 142724/142724 +~~ total memory allocated....: 7777481 bytes +~~ total memory freed........: 7777481 bytes +~~ total allocations/frees...: 146405/146405 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2355 chars diff --git a/test/results/default/quic_t51.pcap.out b/test/results/default/quic_t51.pcap.out index e56221cbc..386ca7bc8 100644 --- a/test/results/default/quic_t51.pcap.out +++ b/test/results/default/quic_t51.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604491 bytes -~~ total memory freed........: 7604491 bytes -~~ total allocations/frees...: 142724/142724 +~~ total memory allocated....: 7777484 bytes +~~ total memory freed........: 7777484 bytes +~~ total allocations/frees...: 146405/146405 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2354 chars diff --git a/test/results/default/quickplay.pcap.out b/test/results/default/quickplay.pcap.out index 5c4740aa0..f1a74dd09 100644 --- a/test/results/default/quickplay.pcap.out +++ b/test/results/default/quickplay.pcap.out @@ -145,9 +145,9 @@ ~~ total active/idle flows...: 21/21 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7656888 bytes -~~ total memory freed........: 7656888 bytes -~~ total allocations/frees...: 143260/143260 +~~ total memory allocated....: 7830361 bytes +~~ total memory freed........: 7830361 bytes +~~ total allocations/frees...: 146941/146941 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2445 chars diff --git a/test/results/default/radius_false_positive.pcapng.out b/test/results/default/radius_false_positive.pcapng.out index b291d5964..031eb431e 100644 --- a/test/results/default/radius_false_positive.pcapng.out +++ b/test/results/default/radius_false_positive.pcapng.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594050 bytes -~~ total memory freed........: 7594050 bytes -~~ total allocations/frees...: 142700/142700 +~~ total memory allocated....: 7767043 bytes +~~ total memory freed........: 7767043 bytes +~~ total allocations/frees...: 146381/146381 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 529 chars ~~ json string max len.......: 2231 chars diff --git a/test/results/default/raknet.pcap.out b/test/results/default/raknet.pcap.out index 739d3726b..6d6604889 100644 --- a/test/results/default/raknet.pcap.out +++ b/test/results/default/raknet.pcap.out @@ -101,9 +101,9 @@ ~~ total active/idle flows...: 12/12 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7619038 bytes -~~ total memory freed........: 7619038 bytes -~~ total allocations/frees...: 142877/142877 +~~ total memory allocated....: 7792295 bytes +~~ total memory freed........: 7792295 bytes +~~ total allocations/frees...: 146558/146558 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2473 chars diff --git a/test/results/default/rdp.pcap.out b/test/results/default/rdp.pcap.out index 8052bfa2a..a0ea4e4df 100644 --- a/test/results/default/rdp.pcap.out +++ b/test/results/default/rdp.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594350 bytes -~~ total memory freed........: 7594350 bytes -~~ total allocations/frees...: 142711/142711 +~~ total memory allocated....: 7767343 bytes +~~ total memory freed........: 7767343 bytes +~~ total allocations/frees...: 146392/146392 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 1105 chars diff --git a/test/results/default/rdp2.pcap.out b/test/results/default/rdp2.pcap.out index 4854ff7f3..ef93fab79 100644 --- a/test/results/default/rdp2.pcap.out +++ b/test/results/default/rdp2.pcap.out @@ -35,9 +35,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7599169 bytes -~~ total memory freed........: 7599169 bytes -~~ total allocations/frees...: 142754/142754 +~~ total memory allocated....: 7772210 bytes +~~ total memory freed........: 7772210 bytes +~~ total allocations/frees...: 146435/146435 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2168 chars diff --git a/test/results/default/reasm_crash_anon.pcapng.out b/test/results/default/reasm_crash_anon.pcapng.out index 9936a0b4e..22ba20dc3 100644 --- a/test/results/default/reasm_crash_anon.pcapng.out +++ b/test/results/default/reasm_crash_anon.pcapng.out @@ -20,9 +20,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7601869 bytes -~~ total memory freed........: 7601869 bytes -~~ total allocations/frees...: 142900/142900 +~~ total memory allocated....: 7774862 bytes +~~ total memory freed........: 7774862 bytes +~~ total allocations/frees...: 146581/146581 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 524 chars ~~ json string max len.......: 2018 chars diff --git a/test/results/default/reasm_segv_anon.pcapng.out b/test/results/default/reasm_segv_anon.pcapng.out index bc908455f..e92471f12 100644 --- a/test/results/default/reasm_segv_anon.pcapng.out +++ b/test/results/default/reasm_segv_anon.pcapng.out @@ -50,9 +50,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596138 bytes -~~ total memory freed........: 7596138 bytes -~~ total allocations/frees...: 142772/142772 +~~ total memory allocated....: 7769131 bytes +~~ total memory freed........: 7769131 bytes +~~ total allocations/frees...: 146453/146453 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 356 chars ~~ json string max len.......: 2505 chars diff --git a/test/results/default/reddit.pcap.out b/test/results/default/reddit.pcap.out index 377e9215c..2b14f33ea 100644 --- a/test/results/default/reddit.pcap.out +++ b/test/results/default/reddit.pcap.out @@ -594,9 +594,9 @@ ~~ total active/idle flows...: 60/60 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8492809 bytes -~~ total memory freed........: 8492809 bytes -~~ total allocations/frees...: 145779/145779 +~~ total memory allocated....: 8667218 bytes +~~ total memory freed........: 8667218 bytes +~~ total allocations/frees...: 149460/149460 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2206 chars diff --git a/test/results/default/riot.pcapng.out b/test/results/default/riot.pcapng.out index 71dee4dfe..52d20d814 100644 --- a/test/results/default/riot.pcapng.out +++ b/test/results/default/riot.pcapng.out @@ -23,9 +23,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7617489 bytes -~~ total memory freed........: 7617489 bytes -~~ total allocations/frees...: 142722/142722 +~~ total memory allocated....: 7790506 bytes +~~ total memory freed........: 7790506 bytes +~~ total allocations/frees...: 146403/146403 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2417 chars diff --git a/test/results/default/riotgames.pcap.out b/test/results/default/riotgames.pcap.out index 0f74d22ed..ac83de798 100644 --- a/test/results/default/riotgames.pcap.out +++ b/test/results/default/riotgames.pcap.out @@ -68,9 +68,9 @@ ~~ total active/idle flows...: 9/9 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7612028 bytes -~~ total memory freed........: 7612028 bytes -~~ total allocations/frees...: 142822/142822 +~~ total memory allocated....: 7785213 bytes +~~ total memory freed........: 7785213 bytes +~~ total allocations/frees...: 146503/146503 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 1102 chars diff --git a/test/results/default/roblox.pcapng.out b/test/results/default/roblox.pcapng.out index 32fc109d1..3c3a29f4d 100644 --- a/test/results/default/roblox.pcapng.out +++ b/test/results/default/roblox.pcapng.out @@ -46,9 +46,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7624718 bytes -~~ total memory freed........: 7624718 bytes -~~ total allocations/frees...: 142809/142809 +~~ total memory allocated....: 7797783 bytes +~~ total memory freed........: 7797783 bytes +~~ total allocations/frees...: 146490/146490 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2509 chars diff --git a/test/results/default/rsh-syslog-false-positive.pcap.out b/test/results/default/rsh-syslog-false-positive.pcap.out index 7266855bf..ccd71b5b7 100644 --- a/test/results/default/rsh-syslog-false-positive.pcap.out +++ b/test/results/default/rsh-syslog-false-positive.pcap.out @@ -21,9 +21,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593992 bytes -~~ total memory freed........: 7593992 bytes -~~ total allocations/frees...: 142698/142698 +~~ total memory allocated....: 7766985 bytes +~~ total memory freed........: 7766985 bytes +~~ total allocations/frees...: 146379/146379 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 366 chars ~~ json string max len.......: 1663 chars diff --git a/test/results/default/rsh.pcap.out b/test/results/default/rsh.pcap.out index 06d8bc7ef..67556e40e 100644 --- a/test/results/default/rsh.pcap.out +++ b/test/results/default/rsh.pcap.out @@ -25,9 +25,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7600762 bytes -~~ total memory freed........: 7600762 bytes -~~ total allocations/frees...: 142729/142729 +~~ total memory allocated....: 7773779 bytes +~~ total memory freed........: 7773779 bytes +~~ total allocations/frees...: 146410/146410 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 1243 chars diff --git a/test/results/default/rsync.pcap.out b/test/results/default/rsync.pcap.out index 0ac0dd8e1..7904890f1 100644 --- a/test/results/default/rsync.pcap.out +++ b/test/results/default/rsync.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594630 bytes -~~ total memory freed........: 7594630 bytes -~~ total allocations/frees...: 142720/142720 +~~ total memory allocated....: 7767623 bytes +~~ total memory freed........: 7767623 bytes +~~ total allocations/frees...: 146401/146401 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 971 chars diff --git a/test/results/default/rtcp_multiple_pkts_in_the_same_datagram.pcap.out b/test/results/default/rtcp_multiple_pkts_in_the_same_datagram.pcap.out index a73ae251d..dcade4649 100644 --- a/test/results/default/rtcp_multiple_pkts_in_the_same_datagram.pcap.out +++ b/test/results/default/rtcp_multiple_pkts_in_the_same_datagram.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593905 bytes -~~ total memory freed........: 7593905 bytes -~~ total allocations/frees...: 142695/142695 +~~ total memory allocated....: 7766898 bytes +~~ total memory freed........: 7766898 bytes +~~ total allocations/frees...: 146376/146376 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 545 chars ~~ json string max len.......: 1134 chars diff --git a/test/results/default/rtmp.pcap.out b/test/results/default/rtmp.pcap.out index aab7a4790..17c225ca6 100644 --- a/test/results/default/rtmp.pcap.out +++ b/test/results/default/rtmp.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596562 bytes -~~ total memory freed........: 7596562 bytes -~~ total allocations/frees...: 142717/142717 +~~ total memory allocated....: 7769555 bytes +~~ total memory freed........: 7769555 bytes +~~ total allocations/frees...: 146398/146398 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2524 chars diff --git a/test/results/default/rtp.pcapng.out b/test/results/default/rtp.pcapng.out index 2f06c6cc5..f7e988a38 100644 --- a/test/results/default/rtp.pcapng.out +++ b/test/results/default/rtp.pcapng.out @@ -34,9 +34,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7600183 bytes -~~ total memory freed........: 7600183 bytes -~~ total allocations/frees...: 142787/142787 +~~ total memory allocated....: 7773224 bytes +~~ total memory freed........: 7773224 bytes +~~ total allocations/frees...: 146468/146468 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 2487 chars diff --git a/test/results/default/rtsp.pcap.out b/test/results/default/rtsp.pcap.out index 45dd6e9d0..bb8fac274 100644 --- a/test/results/default/rtsp.pcap.out +++ b/test/results/default/rtsp.pcap.out @@ -71,9 +71,9 @@ ~~ total active/idle flows...: 7/7 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7638292 bytes -~~ total memory freed........: 7638292 bytes -~~ total allocations/frees...: 143360/143360 +~~ total memory allocated....: 7811429 bytes +~~ total memory freed........: 7811429 bytes +~~ total allocations/frees...: 147041/147041 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2224 chars diff --git a/test/results/default/rtsp_setup_http.pcapng.out b/test/results/default/rtsp_setup_http.pcapng.out index c373c206c..a4869e628 100644 --- a/test/results/default/rtsp_setup_http.pcapng.out +++ b/test/results/default/rtsp_setup_http.pcapng.out @@ -13,9 +13,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7595889 bytes -~~ total memory freed........: 7595889 bytes -~~ total allocations/frees...: 142693/142693 +~~ total memory allocated....: 7768882 bytes +~~ total memory freed........: 7768882 bytes +~~ total allocations/frees...: 146374/146374 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 523 chars ~~ json string max len.......: 1213 chars diff --git a/test/results/default/rx.pcap.out b/test/results/default/rx.pcap.out index 7e6d2b0a5..ff93d56e1 100644 --- a/test/results/default/rx.pcap.out +++ b/test/results/default/rx.pcap.out @@ -46,9 +46,9 @@ ~~ total active/idle flows...: 5/5 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7606084 bytes -~~ total memory freed........: 7606084 bytes -~~ total allocations/frees...: 142866/142866 +~~ total memory allocated....: 7779173 bytes +~~ total memory freed........: 7779173 bytes +~~ total allocations/frees...: 146547/146547 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 508 chars ~~ json string max len.......: 2164 chars diff --git a/test/results/default/s7comm.pcap.out b/test/results/default/s7comm.pcap.out index 0e4b1f909..b4f62f451 100644 --- a/test/results/default/s7comm.pcap.out +++ b/test/results/default/s7comm.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7595355 bytes -~~ total memory freed........: 7595355 bytes -~~ total allocations/frees...: 142745/142745 +~~ total memory allocated....: 7768348 bytes +~~ total memory freed........: 7768348 bytes +~~ total allocations/frees...: 146426/146426 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2263 chars diff --git a/test/results/default/safari.pcap.out b/test/results/default/safari.pcap.out index adbaf6ab3..1e17feb46 100644 --- a/test/results/default/safari.pcap.out +++ b/test/results/default/safari.pcap.out @@ -75,9 +75,9 @@ ~~ total active/idle flows...: 7/7 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7656572 bytes -~~ total memory freed........: 7656572 bytes -~~ total allocations/frees...: 142958/142958 +~~ total memory allocated....: 7829709 bytes +~~ total memory freed........: 7829709 bytes +~~ total allocations/frees...: 146639/146639 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2302 chars diff --git a/test/results/default/salesforce.pcap.out b/test/results/default/salesforce.pcap.out index 1736ad568..6360ac22d 100644 --- a/test/results/default/salesforce.pcap.out +++ b/test/results/default/salesforce.pcap.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604677 bytes -~~ total memory freed........: 7604677 bytes -~~ total allocations/frees...: 142715/142715 +~~ total memory allocated....: 7777670 bytes +~~ total memory freed........: 7777670 bytes +~~ total allocations/frees...: 146396/146396 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 1568 chars diff --git a/test/results/default/sccp_hw_conf_register.pcapng.out b/test/results/default/sccp_hw_conf_register.pcapng.out index 174381bcd..b1f80f530 100644 --- a/test/results/default/sccp_hw_conf_register.pcapng.out +++ b/test/results/default/sccp_hw_conf_register.pcapng.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594253 bytes -~~ total memory freed........: 7594253 bytes -~~ total allocations/frees...: 142707/142707 +~~ total memory allocated....: 7767246 bytes +~~ total memory freed........: 7767246 bytes +~~ total allocations/frees...: 146388/146388 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 529 chars ~~ json string max len.......: 997 chars diff --git a/test/results/default/sctp.cap.out b/test/results/default/sctp.cap.out index ed45023aa..5ece5d855 100644 --- a/test/results/default/sctp.cap.out +++ b/test/results/default/sctp.cap.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596000 bytes -~~ total memory freed........: 7596000 bytes -~~ total allocations/frees...: 142705/142705 +~~ total memory allocated....: 7769017 bytes +~~ total memory freed........: 7769017 bytes +~~ total allocations/frees...: 146386/146386 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 1055 chars diff --git a/test/results/default/selfsigned.pcap.out b/test/results/default/selfsigned.pcap.out index 3d4453dbf..666d50418 100644 --- a/test/results/default/selfsigned.pcap.out +++ b/test/results/default/selfsigned.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7598588 bytes -~~ total memory freed........: 7598588 bytes -~~ total allocations/frees...: 142717/142717 +~~ total memory allocated....: 7771581 bytes +~~ total memory freed........: 7771581 bytes +~~ total allocations/frees...: 146398/146398 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 1686 chars diff --git a/test/results/default/sflow.pcap.out b/test/results/default/sflow.pcap.out index 35a3ae7ad..0b8d8e86a 100644 --- a/test/results/default/sflow.pcap.out +++ b/test/results/default/sflow.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594021 bytes -~~ total memory freed........: 7594021 bytes -~~ total allocations/frees...: 142699/142699 +~~ total memory allocated....: 7767014 bytes +~~ total memory freed........: 7767014 bytes +~~ total allocations/frees...: 146380/146380 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 973 chars diff --git a/test/results/default/shadowsocks.pcap.out b/test/results/default/shadowsocks.pcap.out new file mode 100644 index 000000000..70d85b183 --- /dev/null +++ b/test/results/default/shadowsocks.pcap.out @@ -0,0 +1,34 @@ +00512{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0} +00575{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_usec":1690018458225809} +00771{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690018458225809,"flow_src_last_pkt_time":1690018458225809,"flow_dst_last_pkt_time":1690018458225809,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690018458225809,"l3_proto":"ip4","src_ip":"127.0.0.1","dst_ip":"127.0.0.1","src_port":37904,"dst_port":1080,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1690018458225809,"flow_dst_last_pkt_time":1690018458225809,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1690018458225809,"pkt":"AAAAAAAAAAAAAAAACABFAAA8OlVAAEAGAmV\/AAABfwAAAZQQBDjOLDYWAAAAAKAC\/9f+MAAAAgT\/1wQCCApvLCb4AAAAAAEDAwc="} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1690018458225809,"flow_dst_last_pkt_time":1690018458225829,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1690018458225829,"pkt":"AAAAAAAAAAAAAAAACABFAAA8AABAAEAGPLp\/AAABfwAAAQQ4lBAtEiM8ziw2F6AS\/8v+MAAAAgT\/1wQCCApvLCb4bywm+AEDAwc="} +00545{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1690018458225846,"flow_dst_last_pkt_time":1690018458225829,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1690018458225846,"pkt":"AAAAAAAAAAAAAAAACABFAAA0OlZAAEAGAmx\/AAABfwAAAZQQBDjOLDYXLRIjPYAQAgD+KAAAAQEICm8sJvhvLCb4"} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1690018458225900,"flow_dst_last_pkt_time":1690018458225829,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":1690018458225900,"pkt":"AAAAAAAAAAAAAAAACABFAAA4OldAAEAGAmd\/AAABfwAAAZQQBDjOLDYXLRIjPYAYAgD+LAAAAQEICm8sJvhvLCb4BQIAAQ=="} +00545{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1690018458225900,"flow_dst_last_pkt_time":1690018458225907,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1690018458225907,"pkt":"AAAAAAAAAAAAAAAACABFAAA06eBAAEAGUuF\/AAABfwAAAQQ4lBAtEiM9ziw2G4AQAgD+KAAAAQEICm8sJvhvLCb4"} +00917{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1690018458225809,"flow_src_last_pkt_time":1690018458225900,"flow_dst_last_pkt_time":1690018458226202,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":4,"flow_dst_max_l4_payload_len":2,"flow_src_tot_l4_payload_len":4,"flow_dst_tot_l4_payload_len":2,"midstream":0,"thread_ts_usec":1690018458226202,"l3_proto":"ip4","src_ip":"127.0.0.1","dst_ip":"127.0.0.1","src_port":37904,"dst_port":1080,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"SOCKS","proto_id":"172","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} +00772{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1690018458886918,"flow_src_last_pkt_time":1690018458886918,"flow_dst_last_pkt_time":1690018458886918,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1690018458886918,"l3_proto":"ip4","src_ip":"127.0.0.1","dst_ip":"127.0.0.1","src_port":44276,"dst_port":8388,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00560{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1690018458886918,"flow_dst_last_pkt_time":1690018458886918,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1690018458886918,"pkt":"AAAAAAAAAAAAAAAACABFAAA8wUhAAEAGe3F\/AAABfwAAAaz0IMRS8gnHAAAAAKAC\/9f+MAAAAgT\/1wQCCApvLCmNAAAAAAEDAwc="} +00560{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1690018458886918,"flow_dst_last_pkt_time":1690018458886939,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1690018458886939,"pkt":"AAAAAAAAAAAAAAAACABFAAA8AABAAEAGPLp\/AAABfwAAASDErPSVK9AaUvIJyKAS\/8v+MAAAAgT\/1wQCCApvLCmNbywpjQEDAwc="} +00546{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_src_last_pkt_time":1690018458886959,"flow_dst_last_pkt_time":1690018458886939,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1690018458886959,"pkt":"AAAAAAAAAAAAAAAACABFAAA0wUlAAEAGe3h\/AAABfwAAAaz0IMRS8gnIlSvQG4AQAgD+KAAAAQEICm8sKY1vLCmN"} +00692{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":4,"flow_src_last_pkt_time":1690018458887195,"flow_dst_last_pkt_time":1690018458886939,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":171,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":171,"pkt_l4_len":137,"thread_ts_usec":1690018458887195,"pkt":"AAAAAAAAAAAAAAAACABFAACdwUpAAEAGew5\/AAABfwAAAaz0IMRS8gnIlSvQG4AYAgD+kQAAAQEICm8sKY1vLCmN9Jz7C4eWuocUJj1o\/DStnOtT7yHrSZbwGzrZdEDEj8cLRJytn131jAv2ZYBNWhV8F1FMlswjixPq0wDJxTP2N6PSo\/A0uPJn1lVJ\/AXV5m1d3xPTCJ+a1Z47KuFEJn+x3GpzVmbaE1jG"} +00547{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":16,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":5,"flow_src_last_pkt_time":1690018458887195,"flow_dst_last_pkt_time":1690018458887207,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1690018458887207,"pkt":"AAAAAAAAAAAAAAAACABFAAA0SbtAAEAG8wZ\/AAABfwAAASDErPSVK9AbUvIKMYAQAf\/+KAAAAQEICm8sKY1vLCmN"} +00968{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":13,"flow_first_seen":1690018458225809,"flow_src_last_pkt_time":1690018459714485,"flow_dst_last_pkt_time":1690018459714444,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":82,"flow_dst_max_l4_payload_len":16384,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":67329,"midstream":0,"thread_ts_usec":1690018459714642,"l3_proto":"ip4","src_ip":"127.0.0.1","dst_ip":"127.0.0.1","src_port":37904,"dst_port":1080,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SOCKS","proto_id":"172","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":7,"flow_first_seen":1690018458886918,"flow_src_last_pkt_time":1690018459714642,"flow_dst_last_pkt_time":1690018459714613,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":105,"flow_dst_max_l4_payload_len":18085,"flow_src_tot_l4_payload_len":105,"flow_dst_tot_l4_payload_len":67333,"midstream":0,"thread_ts_usec":1690018459714642,"l3_proto":"ip4","src_ip":"127.0.0.1","dst_ip":"127.0.0.1","src_port":44276,"dst_port":8388,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":7,"flow_first_seen":1690018458886918,"flow_src_last_pkt_time":1690018459714642,"flow_dst_last_pkt_time":1690018459714613,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":105,"flow_dst_max_l4_payload_len":18085,"flow_src_tot_l4_payload_len":105,"flow_dst_tot_l4_payload_len":67333,"midstream":0,"thread_ts_usec":1690018459714642,"l3_proto":"ip4","src_ip":"127.0.0.1","dst_ip":"127.0.0.1","src_port":44276,"dst_port":8388,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00586{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/shadowsocks.pcap","alias":"nDPId-test","packets-captured":44,"packets-processed":44,"total-skipped-flows":0,"total-l4-payload-len":134863,"total-not-detected-flows":1,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":2,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":19,"global_ts_usec":1690018459714642} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 44/44 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 134863 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 2/2 +~~ total timeout flows.......: 0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 7774273 bytes +~~ total memory freed........: 7774273 bytes +~~ total allocations/frees...: 146428/146428 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ json string min len.......: 517 chars +~~ json string max len.......: 1004 chars +~~ json string avg len.......: 756 chars diff --git a/test/results/default/signal.pcap.out b/test/results/default/signal.pcap.out index e7aa31196..1548bef22 100644 --- a/test/results/default/signal.pcap.out +++ b/test/results/default/signal.pcap.out @@ -179,9 +179,9 @@ ~~ total active/idle flows...: 19/19 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7881479 bytes -~~ total memory freed........: 7881479 bytes -~~ total allocations/frees...: 143655/143655 +~~ total memory allocated....: 8054904 bytes +~~ total memory freed........: 8054904 bytes +~~ total allocations/frees...: 147336/147336 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2182 chars diff --git a/test/results/default/simple-dnscrypt.pcap.out b/test/results/default/simple-dnscrypt.pcap.out index e268a8984..b872a4191 100644 --- a/test/results/default/simple-dnscrypt.pcap.out +++ b/test/results/default/simple-dnscrypt.pcap.out @@ -53,9 +53,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7692795 bytes -~~ total memory freed........: 7692795 bytes -~~ total allocations/frees...: 142882/142882 +~~ total memory allocated....: 7865860 bytes +~~ total memory freed........: 7865860 bytes +~~ total allocations/frees...: 146563/146563 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 521 chars ~~ json string max len.......: 2001 chars diff --git a/test/results/default/sip.pcap.out b/test/results/default/sip.pcap.out index aa1f2c731..7963dc093 100644 --- a/test/results/default/sip.pcap.out +++ b/test/results/default/sip.pcap.out @@ -65,9 +65,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7603380 bytes -~~ total memory freed........: 7603380 bytes -~~ total allocations/frees...: 142835/142835 +~~ total memory allocated....: 7776445 bytes +~~ total memory freed........: 7776445 bytes +~~ total allocations/frees...: 146516/146516 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 2421 chars diff --git a/test/results/default/sip_hello.pcapng.out b/test/results/default/sip_hello.pcapng.out index e85f42003..004c57891 100644 --- a/test/results/default/sip_hello.pcapng.out +++ b/test/results/default/sip_hello.pcapng.out @@ -26,9 +26,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594630 bytes -~~ total memory freed........: 7594630 bytes -~~ total allocations/frees...: 142720/142720 +~~ total memory allocated....: 7767623 bytes +~~ total memory freed........: 7767623 bytes +~~ total allocations/frees...: 146401/146401 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 517 chars ~~ json string max len.......: 982 chars diff --git a/test/results/default/sites.pcapng.out b/test/results/default/sites.pcapng.out index 008bf7e58..c432e1a79 100644 --- a/test/results/default/sites.pcapng.out +++ b/test/results/default/sites.pcapng.out @@ -410,9 +410,9 @@ ~~ total active/idle flows...: 47/47 ~~ total timeout flows.......: 4 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8195525 bytes -~~ total memory freed........: 8195525 bytes -~~ total allocations/frees...: 144253/144253 +~~ total memory allocated....: 8369622 bytes +~~ total memory freed........: 8369622 bytes +~~ total allocations/frees...: 147934/147934 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2621 chars diff --git a/test/results/default/skinny.pcap.out b/test/results/default/skinny.pcap.out index f43bdcc62..50ec9cd97 100644 --- a/test/results/default/skinny.pcap.out +++ b/test/results/default/skinny.pcap.out @@ -82,9 +82,9 @@ ~~ total active/idle flows...: 9/9 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7696795 bytes -~~ total memory freed........: 7696795 bytes -~~ total allocations/frees...: 145745/145745 +~~ total memory allocated....: 7869980 bytes +~~ total memory freed........: 7869980 bytes +~~ total allocations/frees...: 149426/149426 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2312 chars diff --git a/test/results/default/skype-conference-call.pcap.out b/test/results/default/skype-conference-call.pcap.out index a61be85b1..cee3dc76c 100644 --- a/test/results/default/skype-conference-call.pcap.out +++ b/test/results/default/skype-conference-call.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7599560 bytes -~~ total memory freed........: 7599560 bytes -~~ total allocations/frees...: 142890/142890 +~~ total memory allocated....: 7772553 bytes +~~ total memory freed........: 7772553 bytes +~~ total allocations/frees...: 146571/146571 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 527 chars ~~ json string max len.......: 2439 chars diff --git a/test/results/default/skype.pcap.out b/test/results/default/skype.pcap.out index 30db7fd95..0862e8111 100644 --- a/test/results/default/skype.pcap.out +++ b/test/results/default/skype.pcap.out @@ -1679,7 +1679,7 @@ 00563{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3221,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":291,"flow_packet_id":1,"flow_src_last_pkt_time":1431969791166147,"flow_dst_last_pkt_time":1431969791166147,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1431969791166147,"pkt":"0NQSxnP1PBXCt3IOCABFAABA8JJAAEAGte\/AqAEinTg1M8PhMD4fbaHhAAAAALAC\/\/\/hugAAAgQFtAEDAwUBAQgKPiTNeQAAAAAEAgAA"} 00926{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3224,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969643944313,"flow_src_last_pkt_time":1431969668477830,"flow_dst_last_pkt_time":1431969668477732,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":234,"flow_dst_tot_l4_payload_len":79,"midstream":0,"thread_ts_usec":1431969791465674,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.33","src_port":50030,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00780{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3224,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969643944313,"flow_src_last_pkt_time":1431969668477830,"flow_dst_last_pkt_time":1431969668477732,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":234,"flow_dst_tot_l4_payload_len":79,"midstream":0,"thread_ts_usec":1431969791465674,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.33","src_port":50030,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00870{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3224,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969642336869,"flow_src_last_pkt_time":1431969661480928,"flow_dst_last_pkt_time":1431969661480832,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":57,"flow_dst_max_l4_payload_len":98,"flow_src_tot_l4_payload_len":113,"flow_dst_tot_l4_payload_len":127,"midstream":0,"thread_ts_usec":1431969791465674,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.33","src_port":50026,"dst_port":40002,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00997{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3224,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969642336869,"flow_src_last_pkt_time":1431969661480928,"flow_dst_last_pkt_time":1431969661480832,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":57,"flow_dst_max_l4_payload_len":98,"flow_src_tot_l4_payload_len":113,"flow_dst_tot_l4_payload_len":127,"midstream":0,"thread_ts_usec":1431969791465674,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.33","src_port":50026,"dst_port":40002,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00782{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3224,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969642336869,"flow_src_last_pkt_time":1431969661480928,"flow_dst_last_pkt_time":1431969661480832,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":57,"flow_dst_max_l4_payload_len":98,"flow_src_tot_l4_payload_len":113,"flow_dst_tot_l4_payload_len":127,"midstream":0,"thread_ts_usec":1431969791465674,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.33","src_port":50026,"dst_port":40002,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01103{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3224,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":1431969642087286,"flow_src_last_pkt_time":1431969695591631,"flow_dst_last_pkt_time":1431969642087286,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":312,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969791465674,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":52850,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01103{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3224,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969642247578,"flow_src_last_pkt_time":1431969668794403,"flow_dst_last_pkt_time":1431969642247578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":31,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":31,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":217,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969791465674,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":65426,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} @@ -1733,9 +1733,9 @@ 00561{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3242,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":5,"flow_src_last_pkt_time":1431969796788485,"flow_dst_last_pkt_time":1431969792778032,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1431969796788485,"pkt":"0NQSxnP1PBXCt3IOCABFAABAV05AAEAGTzTAqAEinTg1M8PiAbsrN9oxAAAAALAC\/\/+2NQAAAgQFtAEDAwUBAQgKPiTjZgAAAAAEAgAA"} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3247,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":4,"flow_src_last_pkt_time":1431969799018123,"flow_dst_last_pkt_time":1431969793871150,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":72,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":72,"pkt_l4_len":38,"thread_ts_usec":1431969799018123,"pkt":"0NQSxnP1PBXCt3IOCABFAAA6VP0AAEARokLAqAEiwKgBAdpVADUAJgS+DhkBAAABAAAAAAAAAnVpBXNreXBlA2NvbQAAAQAB"} 00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3250,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":5,"flow_src_last_pkt_time":1431969802019013,"flow_dst_last_pkt_time":1431969793871150,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":72,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":72,"pkt_l4_len":38,"thread_ts_usec":1431969802019013,"pkt":"0NQSxnP1PBXCt3IOCABFAAA6+ugAAEAR\/FbAqAEiwKgBAdpVADUAJgS+DhkBAAABAAAAAAAAAnVpBXNreXBlA2NvbQAAAQAB"} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367596,"flow_src_last_pkt_time":1431969678270658,"flow_dst_last_pkt_time":1431969678270544,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":63,"flow_dst_max_l4_payload_len":59,"flow_src_tot_l4_payload_len":119,"flow_dst_tot_l4_payload_len":112,"midstream":0,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.170","src_port":50033,"dst_port":40015,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367596,"flow_src_last_pkt_time":1431969678270658,"flow_dst_last_pkt_time":1431969678270544,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":63,"flow_dst_max_l4_payload_len":59,"flow_src_tot_l4_payload_len":119,"flow_dst_tot_l4_payload_len":112,"midstream":0,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.170","src_port":50033,"dst_port":40015,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367596,"flow_src_last_pkt_time":1431969678270658,"flow_dst_last_pkt_time":1431969678270544,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":63,"flow_dst_max_l4_payload_len":59,"flow_src_tot_l4_payload_len":119,"flow_dst_tot_l4_payload_len":112,"midstream":0,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.170","src_port":50033,"dst_port":40015,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367809,"flow_src_last_pkt_time":1431969676525940,"flow_dst_last_pkt_time":1431969676525836,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":72,"flow_src_tot_l4_payload_len":152,"flow_dst_tot_l4_payload_len":118,"midstream":0,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.140","src_port":50034,"dst_port":40033,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367809,"flow_src_last_pkt_time":1431969676525940,"flow_dst_last_pkt_time":1431969676525836,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":72,"flow_src_tot_l4_payload_len":152,"flow_dst_tot_l4_payload_len":118,"midstream":0,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.140","src_port":50034,"dst_port":40033,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367809,"flow_src_last_pkt_time":1431969676525940,"flow_dst_last_pkt_time":1431969676525836,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":72,"flow_src_tot_l4_payload_len":152,"flow_dst_tot_l4_payload_len":118,"midstream":0,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.140","src_port":50034,"dst_port":40033,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00922{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1431969675567066,"flow_src_last_pkt_time":1431969675716487,"flow_dst_last_pkt_time":1431969675716370,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"17.172.100.36","src_port":50024,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Apple","proto_by_ip_id":140,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00776{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1431969675567066,"flow_src_last_pkt_time":1431969675716487,"flow_dst_last_pkt_time":1431969675716370,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"17.172.100.36","src_port":50024,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} @@ -1757,41 +1757,41 @@ 01119{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969653376411,"flow_src_last_pkt_time":1431969653376411,"flow_dst_last_pkt_time":1431969653376411,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.155","src_port":13021,"dst_port":40020,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01119{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3251,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969654389222,"flow_src_last_pkt_time":1431969654389222,"flow_dst_last_pkt_time":1431969654389222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969802019013,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.176","src_port":13021,"dst_port":40022,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 02028{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":3269,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":19,"flow_dst_packets_processed":13,"flow_first_seen":1431969771806353,"flow_src_last_pkt_time":1431969808100305,"flow_dst_last_pkt_time":1431969777317750,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":776,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1531,"flow_dst_tot_l4_payload_len":1305,"midstream":0,"thread_ts_usec":1431969808100305,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50138,"dst_port":18767,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":98,"avg":1348559.6,"max":30125563,"stddev":5301136.0,"var":28102044418048.0,"ent":1.9,"data": [214728,214808,140,223488,223372,360,217535,217176,213636,213655,98,315319,2988490,3022192,145311,494208,215912,215930,3576,275623,272053,209,291401,291140,160,74979,137019,211866,164254,30125563,821148]},"pktlen": {"min":52,"avg":141.4,"max":1076,"stddev":232.5,"var":54056.9,"ent":4.0,"data": [64,64,52,92,87,52,69,66,52,66,52,56,52,828,52,1076,52,142,52,608,87,132,81,97,52,81,52,100,52,52,52,52]},"bins": {"c_to_s": [15,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [7,4,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,0,0,1,0,1,0,0,1,0,1,1,0,1,0,0,1,0,0,1,0,0,1,1,0,1,0,0],"entropies": [4.654482365,4.685732365,4.944975376,5.966120720,5.970302582,5.308815479,5.715485096,5.705540657,5.270353794,5.705540657,5.270353794,5.300843716,5.347277164,7.737775803,5.385738850,7.811435223,5.116507530,6.632953644,5.231892586,7.624665260,6.070933819,6.535917759,5.915600300,6.177032948,5.154969215,5.788875103,5.231892586,6.220213890,5.193430901,5.347277164,5.193430901,5.270353794]}} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969704664322,"flow_src_last_pkt_time":1431969723753428,"flow_dst_last_pkt_time":1431969723753303,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":87,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":114,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.15","src_port":50098,"dst_port":40026,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969704664322,"flow_src_last_pkt_time":1431969723753428,"flow_dst_last_pkt_time":1431969723753303,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":87,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":114,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.15","src_port":50098,"dst_port":40026,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969704664322,"flow_src_last_pkt_time":1431969723753428,"flow_dst_last_pkt_time":1431969723753303,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":87,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":114,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.15","src_port":50098,"dst_port":40026,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00875{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969665416513,"flow_src_last_pkt_time":1431969685656594,"flow_dst_last_pkt_time":1431969685656480,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":106,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":114,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.150","src_port":50046,"dst_port":40011,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01002{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969665416513,"flow_src_last_pkt_time":1431969685656594,"flow_dst_last_pkt_time":1431969685656480,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":106,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":114,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.150","src_port":50046,"dst_port":40011,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00787{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969665416513,"flow_src_last_pkt_time":1431969685656594,"flow_dst_last_pkt_time":1431969685656480,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":106,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":114,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.150","src_port":50046,"dst_port":40011,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00875{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969673443587,"flow_src_last_pkt_time":1431969692603935,"flow_dst_last_pkt_time":1431969692603839,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":106,"flow_dst_max_l4_payload_len":97,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":149,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.153","src_port":50054,"dst_port":40005,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01002{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969673443587,"flow_src_last_pkt_time":1431969692603935,"flow_dst_last_pkt_time":1431969692603839,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":106,"flow_dst_max_l4_payload_len":97,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":149,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.153","src_port":50054,"dst_port":40005,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00787{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969673443587,"flow_src_last_pkt_time":1431969692603935,"flow_dst_last_pkt_time":1431969692603839,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":106,"flow_dst_max_l4_payload_len":97,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":149,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.153","src_port":50054,"dst_port":40005,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01101{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":1431969642087286,"flow_src_last_pkt_time":1431969695591631,"flow_dst_last_pkt_time":1431969642087286,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":312,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":52850,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00874{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969667439791,"flow_src_last_pkt_time":1431969689428787,"flow_dst_last_pkt_time":1431969689428675,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":70,"flow_dst_max_l4_payload_len":96,"flow_src_tot_l4_payload_len":110,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.166","src_port":50049,"dst_port":40021,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01001{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969667439791,"flow_src_last_pkt_time":1431969689428787,"flow_dst_last_pkt_time":1431969689428675,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":70,"flow_dst_max_l4_payload_len":96,"flow_src_tot_l4_payload_len":110,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.166","src_port":50049,"dst_port":40021,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00786{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969667439791,"flow_src_last_pkt_time":1431969689428787,"flow_dst_last_pkt_time":1431969689428675,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":70,"flow_dst_max_l4_payload_len":96,"flow_src_tot_l4_payload_len":110,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.166","src_port":50049,"dst_port":40021,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969663377930,"flow_src_last_pkt_time":1431969687753538,"flow_dst_last_pkt_time":1431969687753423,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":79,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":135,"flow_dst_tot_l4_payload_len":88,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.167","src_port":50044,"dst_port":40031,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969663377930,"flow_src_last_pkt_time":1431969687753538,"flow_dst_last_pkt_time":1431969687753423,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":79,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":135,"flow_dst_tot_l4_payload_len":88,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.167","src_port":50044,"dst_port":40031,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969663377930,"flow_src_last_pkt_time":1431969687753538,"flow_dst_last_pkt_time":1431969687753423,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":79,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":135,"flow_dst_tot_l4_payload_len":88,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.167","src_port":50044,"dst_port":40031,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969689470381,"flow_src_last_pkt_time":1431969722393869,"flow_dst_last_pkt_time":1431969722520463,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":76,"flow_dst_max_l4_payload_len":51,"flow_src_tot_l4_payload_len":140,"flow_dst_tot_l4_payload_len":51,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.173","src_port":50074,"dst_port":40003,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969689470381,"flow_src_last_pkt_time":1431969722393869,"flow_dst_last_pkt_time":1431969722520463,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":76,"flow_dst_max_l4_payload_len":51,"flow_src_tot_l4_payload_len":140,"flow_dst_tot_l4_payload_len":51,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.173","src_port":50074,"dst_port":40003,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969689470381,"flow_src_last_pkt_time":1431969722393869,"flow_dst_last_pkt_time":1431969722520463,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":76,"flow_dst_max_l4_payload_len":51,"flow_src_tot_l4_payload_len":140,"flow_dst_tot_l4_payload_len":51,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.173","src_port":50074,"dst_port":40003,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":5,"flow_first_seen":1431969673443345,"flow_src_last_pkt_time":1431969701671718,"flow_dst_last_pkt_time":1431969701671600,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":69,"flow_src_tot_l4_payload_len":148,"flow_dst_tot_l4_payload_len":77,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.146","src_port":50053,"dst_port":40030,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":5,"flow_first_seen":1431969673443345,"flow_src_last_pkt_time":1431969701671718,"flow_dst_last_pkt_time":1431969701671600,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":69,"flow_src_tot_l4_payload_len":148,"flow_dst_tot_l4_payload_len":77,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.146","src_port":50053,"dst_port":40030,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":5,"flow_first_seen":1431969673443345,"flow_src_last_pkt_time":1431969701671718,"flow_dst_last_pkt_time":1431969701671600,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":69,"flow_src_tot_l4_payload_len":148,"flow_dst_tot_l4_payload_len":77,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.146","src_port":50053,"dst_port":40030,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01095{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969675950344,"flow_src_last_pkt_time":1431969702405683,"flow_dst_last_pkt_time":1431969675950344,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":51,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":51,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":357,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":63108,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Microsoft","proto_id":"5.212","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Safe","category_id":14,"category":"Network"}} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969683498513,"flow_src_last_pkt_time":1431969716109861,"flow_dst_last_pkt_time":1431969716234710,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":55,"flow_dst_max_l4_payload_len":57,"flow_src_tot_l4_payload_len":119,"flow_dst_tot_l4_payload_len":57,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.170","src_port":50070,"dst_port":40018,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969683498513,"flow_src_last_pkt_time":1431969716109861,"flow_dst_last_pkt_time":1431969716234710,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":55,"flow_dst_max_l4_payload_len":57,"flow_src_tot_l4_payload_len":119,"flow_dst_tot_l4_payload_len":57,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.170","src_port":50070,"dst_port":40018,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969683498513,"flow_src_last_pkt_time":1431969716109861,"flow_dst_last_pkt_time":1431969716234710,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":55,"flow_dst_max_l4_payload_len":57,"flow_src_tot_l4_payload_len":119,"flow_dst_tot_l4_payload_len":57,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.170","src_port":50070,"dst_port":40018,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969689470785,"flow_src_last_pkt_time":1431969717166772,"flow_dst_last_pkt_time":1431969717232356,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":93,"flow_src_tot_l4_payload_len":147,"flow_dst_tot_l4_payload_len":93,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.156","src_port":50076,"dst_port":40014,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969689470785,"flow_src_last_pkt_time":1431969717166772,"flow_dst_last_pkt_time":1431969717232356,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":93,"flow_src_tot_l4_payload_len":147,"flow_dst_tot_l4_payload_len":93,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.156","src_port":50076,"dst_port":40014,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969689470785,"flow_src_last_pkt_time":1431969717166772,"flow_dst_last_pkt_time":1431969717232356,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":93,"flow_src_tot_l4_payload_len":147,"flow_dst_tot_l4_payload_len":93,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.156","src_port":50076,"dst_port":40014,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":5,"flow_first_seen":1431969681480233,"flow_src_last_pkt_time":1431969709213073,"flow_dst_last_pkt_time":1431969709213005,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":59,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":107,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.160","src_port":50067,"dst_port":40027,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":5,"flow_first_seen":1431969681480233,"flow_src_last_pkt_time":1431969709213073,"flow_dst_last_pkt_time":1431969709213005,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":59,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":107,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.160","src_port":50067,"dst_port":40027,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":5,"flow_first_seen":1431969681480233,"flow_src_last_pkt_time":1431969709213073,"flow_dst_last_pkt_time":1431969709213005,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":59,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":107,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.160","src_port":50067,"dst_port":40027,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969690481458,"flow_src_last_pkt_time":1431969722604314,"flow_dst_last_pkt_time":1431969722726989,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":70,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":134,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.176","src_port":50077,"dst_port":40022,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969690481458,"flow_src_last_pkt_time":1431969722604314,"flow_dst_last_pkt_time":1431969722726989,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":70,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":134,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.176","src_port":50077,"dst_port":40022,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969690481458,"flow_src_last_pkt_time":1431969722604314,"flow_dst_last_pkt_time":1431969722726989,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":70,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":134,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.176","src_port":50077,"dst_port":40022,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00874{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969699577033,"flow_src_last_pkt_time":1431969718631176,"flow_dst_last_pkt_time":1431969718631081,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":61,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":140,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.155","src_port":50092,"dst_port":40020,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01001{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969699577033,"flow_src_last_pkt_time":1431969718631176,"flow_dst_last_pkt_time":1431969718631081,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":61,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":140,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.155","src_port":50092,"dst_port":40020,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00786{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969699577033,"flow_src_last_pkt_time":1431969718631176,"flow_dst_last_pkt_time":1431969718631081,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":61,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":140,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.155","src_port":50092,"dst_port":40020,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969658376019,"flow_src_last_pkt_time":1431969684505385,"flow_dst_last_pkt_time":1431969684569058,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":56,"flow_src_tot_l4_payload_len":112,"flow_dst_tot_l4_payload_len":56,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.175","src_port":50035,"dst_port":40021,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969658376019,"flow_src_last_pkt_time":1431969684505385,"flow_dst_last_pkt_time":1431969684569058,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":56,"flow_src_tot_l4_payload_len":112,"flow_dst_tot_l4_payload_len":56,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.175","src_port":50035,"dst_port":40021,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969658376019,"flow_src_last_pkt_time":1431969684505385,"flow_dst_last_pkt_time":1431969684569058,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":56,"flow_src_tot_l4_payload_len":112,"flow_dst_tot_l4_payload_len":56,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.175","src_port":50035,"dst_port":40021,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969704664195,"flow_src_last_pkt_time":1431969722362143,"flow_dst_last_pkt_time":1431969722362075,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":91,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":99,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.176","src_port":50097,"dst_port":40022,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969704664195,"flow_src_last_pkt_time":1431969722362143,"flow_dst_last_pkt_time":1431969722362075,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":91,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":99,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.176","src_port":50097,"dst_port":40022,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969704664195,"flow_src_last_pkt_time":1431969722362143,"flow_dst_last_pkt_time":1431969722362075,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":91,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":99,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.176","src_port":50097,"dst_port":40022,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":2,"flow_first_seen":1431969788719766,"flow_src_last_pkt_time":1431969803191195,"flow_dst_last_pkt_time":1431969788891675,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":57,"flow_src_tot_l4_payload_len":131,"flow_dst_tot_l4_payload_len":57,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"78.202.226.115","src_port":50143,"dst_port":29059,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":2,"flow_first_seen":1431969788719766,"flow_src_last_pkt_time":1431969803191195,"flow_dst_last_pkt_time":1431969788891675,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":57,"flow_src_tot_l4_payload_len":131,"flow_dst_tot_l4_payload_len":57,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"78.202.226.115","src_port":50143,"dst_port":29059,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":2,"flow_first_seen":1431969788719766,"flow_src_last_pkt_time":1431969803191195,"flow_dst_last_pkt_time":1431969788891675,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":57,"flow_src_tot_l4_payload_len":131,"flow_dst_tot_l4_payload_len":57,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"78.202.226.115","src_port":50143,"dst_port":29059,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":4,"flow_first_seen":1431969789832358,"flow_src_last_pkt_time":1431969808350555,"flow_dst_last_pkt_time":1431969790244352,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":52,"flow_src_tot_l4_payload_len":125,"flow_dst_tot_l4_payload_len":70,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"78.202.226.115","src_port":50144,"dst_port":29059,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":4,"flow_first_seen":1431969789832358,"flow_src_last_pkt_time":1431969808350555,"flow_dst_last_pkt_time":1431969790244352,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":52,"flow_src_tot_l4_payload_len":125,"flow_dst_tot_l4_payload_len":70,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"78.202.226.115","src_port":50144,"dst_port":29059,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":4,"flow_first_seen":1431969789832358,"flow_src_last_pkt_time":1431969808350555,"flow_dst_last_pkt_time":1431969790244352,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":52,"flow_src_tot_l4_payload_len":125,"flow_dst_tot_l4_payload_len":70,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"78.202.226.115","src_port":50144,"dst_port":29059,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00874{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":5,"flow_first_seen":1431969689470548,"flow_src_last_pkt_time":1431969716531646,"flow_dst_last_pkt_time":1431969716588503,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":92,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":164,"flow_dst_tot_l4_payload_len":63,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.142","src_port":50075,"dst_port":40003,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01001{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":5,"flow_first_seen":1431969689470548,"flow_src_last_pkt_time":1431969716531646,"flow_dst_last_pkt_time":1431969716588503,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":92,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":164,"flow_dst_tot_l4_payload_len":63,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.142","src_port":50075,"dst_port":40003,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00786{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":5,"flow_first_seen":1431969689470548,"flow_src_last_pkt_time":1431969716531646,"flow_dst_last_pkt_time":1431969716588503,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":92,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":164,"flow_dst_tot_l4_payload_len":63,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.142","src_port":50075,"dst_port":40003,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969659392325,"flow_src_last_pkt_time":1431969659392325,"flow_dst_last_pkt_time":1431969659392325,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":22,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":22,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":22,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.24","src_port":13021,"dst_port":40001,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969660403962,"flow_src_last_pkt_time":1431969660403962,"flow_dst_last_pkt_time":1431969660403962,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":22,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":22,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":22,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.21","src_port":13021,"dst_port":40004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} @@ -1806,11 +1806,11 @@ 01116{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969683498651,"flow_src_last_pkt_time":1431969683498651,"flow_dst_last_pkt_time":1431969683498651,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":27,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":27,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":27,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.37","src_port":13021,"dst_port":40032,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969665416767,"flow_src_last_pkt_time":1431969665416767,"flow_dst_last_pkt_time":1431969665416767,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.146","src_port":13021,"dst_port":33033,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 00979{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":214,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1431969698743022,"flow_src_last_pkt_time":1431969698743022,"flow_dst_last_pkt_time":1431969698797139,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":40,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":40,"flow_dst_max_l4_payload_len":56,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":56,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":63321,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00871{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367363,"flow_src_last_pkt_time":1431969688011370,"flow_dst_last_pkt_time":1431969688218075,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":109,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":71,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.44","src_port":50032,"dst_port":40032,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00998{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367363,"flow_src_last_pkt_time":1431969688011370,"flow_dst_last_pkt_time":1431969688218075,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":109,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":71,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.44","src_port":50032,"dst_port":40032,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431969657367363,"flow_src_last_pkt_time":1431969688011370,"flow_dst_last_pkt_time":1431969688218075,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":109,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":71,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.44","src_port":50032,"dst_port":40032,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01095{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969675950087,"flow_src_last_pkt_time":1431969702405684,"flow_dst_last_pkt_time":1431969675950087,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":51,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":51,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":357,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":55159,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Microsoft","proto_id":"5.212","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Safe","category_id":14,"category":"Network"}} 01101{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969642247578,"flow_src_last_pkt_time":1431969668794403,"flow_dst_last_pkt_time":1431969642247578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":31,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":31,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":217,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":65426,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00883{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":231,"flow_dst_packets_processed":241,"flow_first_seen":1431969710853799,"flow_src_last_pkt_time":1431969807279227,"flow_dst_last_pkt_time":1431969791042699,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":44974,"flow_dst_tot_l4_payload_len":88481,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.28","src_port":50108,"dst_port":40009,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01010{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":231,"flow_dst_packets_processed":241,"flow_first_seen":1431969710853799,"flow_src_last_pkt_time":1431969807279227,"flow_dst_last_pkt_time":1431969791042699,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":44974,"flow_dst_tot_l4_payload_len":88481,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.28","src_port":50108,"dst_port":40009,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00795{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":231,"flow_dst_packets_processed":241,"flow_first_seen":1431969710853799,"flow_src_last_pkt_time":1431969807279227,"flow_dst_last_pkt_time":1431969791042699,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":44974,"flow_dst_tot_l4_payload_len":88481,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.28","src_port":50108,"dst_port":40009,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00971{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1431969712913771,"flow_src_last_pkt_time":1431969712913828,"flow_dst_last_pkt_time":1431969712913771,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":132,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":133,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":265,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"239.255.255.250","src_port":49485,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":231,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":1431969712918145,"flow_src_last_pkt_time":1431969747557913,"flow_dst_last_pkt_time":1431969712918145,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":48,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":384,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.1","dst_ip":"192.168.1.34","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} @@ -1834,23 +1834,23 @@ 00779{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":3,"flow_first_seen":1431969707326642,"flow_src_last_pkt_time":1431969717500150,"flow_dst_last_pkt_time":1431969717500055,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":268,"flow_dst_tot_l4_payload_len":79,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.166","src_port":50103,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01103{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969677975770,"flow_src_last_pkt_time":1431969704363418,"flow_dst_last_pkt_time":1431969677975770,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":49360,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00789{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":1431969713815539,"flow_src_last_pkt_time":1431969726847355,"flow_dst_last_pkt_time":1431969713815539,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":165,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":165,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":660,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip6","src_ip":"fe80::c62c:3ff:fe06:49fe","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969722958172,"flow_src_last_pkt_time":1431969740384752,"flow_dst_last_pkt_time":1431969740384686,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":100,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":108,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":50130,"dst_port":13392,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969722958172,"flow_src_last_pkt_time":1431969740384752,"flow_dst_last_pkt_time":1431969740384686,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":100,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":108,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":50130,"dst_port":13392,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969722958172,"flow_src_last_pkt_time":1431969740384752,"flow_dst_last_pkt_time":1431969740384686,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":100,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":108,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":50130,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01095{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":8,"flow_first_seen":1431969724570574,"flow_src_last_pkt_time":1431969725161861,"flow_dst_last_pkt_time":1431969725166046,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":171,"flow_src_tot_l4_payload_len":3668,"flow_dst_tot_l4_payload_len":181,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":50131,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969714398039,"flow_src_last_pkt_time":1431969727593030,"flow_dst_last_pkt_time":1431969727592938,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":101,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":139,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":50112,"dst_port":20274,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969714398039,"flow_src_last_pkt_time":1431969727593030,"flow_dst_last_pkt_time":1431969727592938,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":101,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":139,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":50112,"dst_port":20274,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969714398039,"flow_src_last_pkt_time":1431969727593030,"flow_dst_last_pkt_time":1431969727592938,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":101,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":139,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":50112,"dst_port":20274,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00871{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969770694149,"flow_src_last_pkt_time":1431969794907548,"flow_dst_last_pkt_time":1431969771261146,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":52,"flow_dst_max_l4_payload_len":64,"flow_src_tot_l4_payload_len":100,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":50135,"dst_port":20274,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00998{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969770694149,"flow_src_last_pkt_time":1431969794907548,"flow_dst_last_pkt_time":1431969771261146,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":52,"flow_dst_max_l4_payload_len":64,"flow_src_tot_l4_payload_len":100,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":50135,"dst_port":20274,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969770694149,"flow_src_last_pkt_time":1431969794907548,"flow_dst_last_pkt_time":1431969771261146,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":52,"flow_dst_max_l4_payload_len":64,"flow_src_tot_l4_payload_len":100,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":50135,"dst_port":20274,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00871{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431969712931653,"flow_src_last_pkt_time":1431969712981449,"flow_dst_last_pkt_time":1431969713736415,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":111,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":111,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":50109,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00998{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431969712931653,"flow_src_last_pkt_time":1431969712981449,"flow_dst_last_pkt_time":1431969713736415,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":111,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":111,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":50109,"dst_port":12350,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431969712931653,"flow_src_last_pkt_time":1431969712981449,"flow_dst_last_pkt_time":1431969713736415,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":111,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":111,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":50109,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00867{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431969713736740,"flow_src_last_pkt_time":1431969713779738,"flow_dst_last_pkt_time":1431969714165130,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":5,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":5,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":50110,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00779{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431969713736740,"flow_src_last_pkt_time":1431969713779738,"flow_dst_last_pkt_time":1431969714165130,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":5,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":5,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":50110,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00993{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1431969774806959,"flow_src_last_pkt_time":1431969776480751,"flow_dst_last_pkt_time":1431969776480651,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":50140,"dst_port":20274,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00777{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1431969774806959,"flow_src_last_pkt_time":1431969776480751,"flow_dst_last_pkt_time":1431969776480651,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":50140,"dst_port":20274,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01119{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969735255261,"flow_src_last_pkt_time":1431969735255261,"flow_dst_last_pkt_time":1431969735255261,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":18,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":18,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"106.188.249.186","src_port":13021,"dst_port":15120,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":4,"flow_first_seen":1431969717949030,"flow_src_last_pkt_time":1431969723488428,"flow_dst_last_pkt_time":1431969723488361,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":69,"flow_dst_max_l4_payload_len":112,"flow_src_tot_l4_payload_len":69,"flow_dst_tot_l4_payload_len":112,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":50125,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":4,"flow_first_seen":1431969717949030,"flow_src_last_pkt_time":1431969723488428,"flow_dst_last_pkt_time":1431969723488361,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":69,"flow_dst_max_l4_payload_len":112,"flow_src_tot_l4_payload_len":69,"flow_dst_tot_l4_payload_len":112,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":50125,"dst_port":12350,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":4,"flow_first_seen":1431969717949030,"flow_src_last_pkt_time":1431969723488428,"flow_dst_last_pkt_time":1431969723488361,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":69,"flow_dst_max_l4_payload_len":112,"flow_src_tot_l4_payload_len":69,"flow_dst_tot_l4_payload_len":112,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":50125,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00876{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":4,"flow_first_seen":1431969717949481,"flow_src_last_pkt_time":1431969750864541,"flow_dst_last_pkt_time":1431969750910332,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":332,"flow_dst_max_l4_payload_len":106,"flow_src_tot_l4_payload_len":3720,"flow_dst_tot_l4_payload_len":106,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.23","src_port":50126,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01003{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":4,"flow_first_seen":1431969717949481,"flow_src_last_pkt_time":1431969750864541,"flow_dst_last_pkt_time":1431969750910332,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":332,"flow_dst_max_l4_payload_len":106,"flow_src_tot_l4_payload_len":3720,"flow_dst_tot_l4_payload_len":106,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.23","src_port":50126,"dst_port":12350,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00788{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":4,"flow_first_seen":1431969717949481,"flow_src_last_pkt_time":1431969750864541,"flow_dst_last_pkt_time":1431969750910332,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":332,"flow_dst_max_l4_payload_len":106,"flow_src_tot_l4_payload_len":3720,"flow_dst_tot_l4_payload_len":106,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.23","src_port":50126,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00867{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":4,"flow_first_seen":1431969719561453,"flow_src_last_pkt_time":1431969727878680,"flow_dst_last_pkt_time":1431969727878606,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":5,"flow_dst_max_l4_payload_len":5,"flow_src_tot_l4_payload_len":5,"flow_dst_tot_l4_payload_len":5,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":50129,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00779{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":4,"flow_first_seen":1431969719561453,"flow_src_last_pkt_time":1431969727878680,"flow_dst_last_pkt_time":1431969727878606,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":5,"flow_dst_max_l4_payload_len":5,"flow_src_tot_l4_payload_len":5,"flow_dst_tot_l4_payload_len":5,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":50129,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} @@ -1872,27 +1872,27 @@ 00964{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":1431969649862353,"flow_src_last_pkt_time":1431969790906536,"flow_dst_last_pkt_time":1431969790768307,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":277,"flow_dst_max_l4_payload_len":954,"flow_src_tot_l4_payload_len":1108,"flow_dst_tot_l4_payload_len":3816,"midstream":1,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"108.160.170.46","dst_ip":"192.168.1.34","src_port":443,"dst_port":49445,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Dropbox","proto_by_ip_id":121,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00777{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":1431969793871150,"flow_src_last_pkt_time":1431969802019013,"flow_dst_last_pkt_time":1431969793871150,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":30,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":150,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":55893,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1431969642318375,"flow_src_last_pkt_time":1431969642318375,"flow_dst_last_pkt_time":1431969642376469,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":40,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":40,"flow_dst_max_l4_payload_len":56,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":56,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":64085,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969714398234,"flow_src_last_pkt_time":1431969733216347,"flow_dst_last_pkt_time":1431969733216278,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":61,"flow_dst_max_l4_payload_len":107,"flow_src_tot_l4_payload_len":101,"flow_dst_tot_l4_payload_len":115,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50113,"dst_port":18767,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969714398234,"flow_src_last_pkt_time":1431969733216347,"flow_dst_last_pkt_time":1431969733216278,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":61,"flow_dst_max_l4_payload_len":107,"flow_src_tot_l4_payload_len":101,"flow_dst_tot_l4_payload_len":115,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50113,"dst_port":18767,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969714398234,"flow_src_last_pkt_time":1431969733216347,"flow_dst_last_pkt_time":1431969733216278,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":61,"flow_dst_max_l4_payload_len":107,"flow_src_tot_l4_payload_len":101,"flow_dst_tot_l4_payload_len":115,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50113,"dst_port":18767,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01103{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969721954245,"flow_src_last_pkt_time":1431969748263105,"flow_dst_last_pkt_time":1431969721954245,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":252,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":51802,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00871{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969717177542,"flow_src_last_pkt_time":1431969730486492,"flow_dst_last_pkt_time":1431969730486426,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":89,"flow_src_tot_l4_payload_len":151,"flow_dst_tot_l4_payload_len":155,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50123,"dst_port":4415,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00998{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969717177542,"flow_src_last_pkt_time":1431969730486492,"flow_dst_last_pkt_time":1431969730486426,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":89,"flow_src_tot_l4_payload_len":151,"flow_dst_tot_l4_payload_len":155,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50123,"dst_port":4415,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969717177542,"flow_src_last_pkt_time":1431969730486492,"flow_dst_last_pkt_time":1431969730486426,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":89,"flow_src_tot_l4_payload_len":151,"flow_dst_tot_l4_payload_len":155,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50123,"dst_port":4415,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00878{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":24,"flow_dst_packets_processed":19,"flow_first_seen":1431969715510906,"flow_src_last_pkt_time":1431969755601085,"flow_dst_last_pkt_time":1431969755612967,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":777,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1540,"flow_dst_tot_l4_payload_len":1358,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50117,"dst_port":18767,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01005{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":24,"flow_dst_packets_processed":19,"flow_first_seen":1431969715510906,"flow_src_last_pkt_time":1431969755601085,"flow_dst_last_pkt_time":1431969755612967,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":777,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1540,"flow_dst_tot_l4_payload_len":1358,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50117,"dst_port":18767,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00790{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":24,"flow_dst_packets_processed":19,"flow_first_seen":1431969715510906,"flow_src_last_pkt_time":1431969755601085,"flow_dst_last_pkt_time":1431969755612967,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":777,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1540,"flow_dst_tot_l4_payload_len":1358,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50117,"dst_port":18767,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":11,"flow_first_seen":1431969718289986,"flow_src_last_pkt_time":1431969752365543,"flow_dst_last_pkt_time":1431969752365461,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":42,"flow_dst_max_l4_payload_len":67,"flow_src_tot_l4_payload_len":101,"flow_dst_tot_l4_payload_len":191,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50127,"dst_port":4415,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":11,"flow_first_seen":1431969718289986,"flow_src_last_pkt_time":1431969752365543,"flow_dst_last_pkt_time":1431969752365461,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":42,"flow_dst_max_l4_payload_len":67,"flow_src_tot_l4_payload_len":101,"flow_dst_tot_l4_payload_len":191,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50127,"dst_port":4415,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":11,"flow_first_seen":1431969718289986,"flow_src_last_pkt_time":1431969752365543,"flow_dst_last_pkt_time":1431969752365461,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":42,"flow_dst_max_l4_payload_len":67,"flow_src_tot_l4_payload_len":101,"flow_dst_tot_l4_payload_len":191,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50127,"dst_port":4415,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00973{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"finished","flow_src_packets_processed":79,"flow_dst_packets_processed":0,"flow_first_seen":1431969648258514,"flow_src_last_pkt_time":1431969808391728,"flow_dst_last_pkt_time":1431969648258514,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":285,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":363,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":26161,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.0.254","dst_ip":"239.255.255.250","src_port":1025,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969666429312,"flow_src_last_pkt_time":1431969666429312,"flow_dst_last_pkt_time":1431969666429312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":35,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.155","src_port":13021,"dst_port":40004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00870{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":2,"flow_first_seen":1431969783628523,"flow_src_last_pkt_time":1431969808684170,"flow_dst_last_pkt_time":1431969783821347,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":99,"flow_src_tot_l4_payload_len":124,"flow_dst_tot_l4_payload_len":99,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50141,"dst_port":4415,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00997{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":2,"flow_first_seen":1431969783628523,"flow_src_last_pkt_time":1431969808684170,"flow_dst_last_pkt_time":1431969783821347,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":99,"flow_src_tot_l4_payload_len":124,"flow_dst_tot_l4_payload_len":99,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50141,"dst_port":4415,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00782{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":2,"flow_first_seen":1431969783628523,"flow_src_last_pkt_time":1431969808684170,"flow_dst_last_pkt_time":1431969783821347,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":99,"flow_src_tot_l4_payload_len":124,"flow_dst_tot_l4_payload_len":99,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50141,"dst_port":4415,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969671427254,"flow_src_last_pkt_time":1431969671427254,"flow_dst_last_pkt_time":1431969671427254,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":31,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":31,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":31,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.141","src_port":13021,"dst_port":40004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01114{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969657367982,"flow_src_last_pkt_time":1431969657367982,"flow_dst_last_pkt_time":1431969657367982,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.150","src_port":13021,"dst_port":40004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00870{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":6,"flow_first_seen":1431969784741030,"flow_src_last_pkt_time":1431969808951480,"flow_dst_last_pkt_time":1431969790337451,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":181,"flow_dst_tot_l4_payload_len":81,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50142,"dst_port":4415,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00997{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":6,"flow_first_seen":1431969784741030,"flow_src_last_pkt_time":1431969808951480,"flow_dst_last_pkt_time":1431969790337451,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":181,"flow_dst_tot_l4_payload_len":81,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50142,"dst_port":4415,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00782{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":6,"flow_first_seen":1431969784741030,"flow_src_last_pkt_time":1431969808951480,"flow_dst_last_pkt_time":1431969790337451,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":181,"flow_dst_tot_l4_payload_len":81,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.14.46.121","src_port":50142,"dst_port":4415,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00870{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969770694385,"flow_src_last_pkt_time":1431969789490350,"flow_dst_last_pkt_time":1431969789490238,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":69,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":77,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50136,"dst_port":18767,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00997{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969770694385,"flow_src_last_pkt_time":1431969789490350,"flow_dst_last_pkt_time":1431969789490238,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":69,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":77,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50136,"dst_port":18767,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00782{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431969770694385,"flow_src_last_pkt_time":1431969789490350,"flow_dst_last_pkt_time":1431969789490238,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":69,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":77,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50136,"dst_port":18767,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969667439986,"flow_src_last_pkt_time":1431969667439986,"flow_dst_last_pkt_time":1431969667439986,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.168","src_port":13021,"dst_port":40006,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00878{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":19,"flow_dst_packets_processed":13,"flow_first_seen":1431969771806353,"flow_src_last_pkt_time":1431969808100305,"flow_dst_last_pkt_time":1431969777317750,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":776,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1531,"flow_dst_tot_l4_payload_len":1305,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50138,"dst_port":18767,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01005{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":19,"flow_dst_packets_processed":13,"flow_first_seen":1431969771806353,"flow_src_last_pkt_time":1431969808100305,"flow_dst_last_pkt_time":1431969777317750,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":776,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1531,"flow_dst_tot_l4_payload_len":1305,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50138,"dst_port":18767,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00790{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":19,"flow_dst_packets_processed":13,"flow_first_seen":1431969771806353,"flow_src_last_pkt_time":1431969808100305,"flow_dst_last_pkt_time":1431969777317750,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":776,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1531,"flow_dst_tot_l4_payload_len":1305,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":50138,"dst_port":18767,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01114{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969660403888,"flow_src_last_pkt_time":1431969660403888,"flow_dst_last_pkt_time":1431969660403888,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.159","src_port":13021,"dst_port":40009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01114{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969664405843,"flow_src_last_pkt_time":1431969664405843,"flow_dst_last_pkt_time":1431969664405843,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":27,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":27,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":27,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.148","src_port":13021,"dst_port":40010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} @@ -1915,20 +1915,20 @@ 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":9,"flow_first_seen":1431969714165437,"flow_src_last_pkt_time":1431969745160671,"flow_dst_last_pkt_time":1431969745160588,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":327,"flow_dst_max_l4_payload_len":21,"flow_src_tot_l4_payload_len":337,"flow_dst_tot_l4_payload_len":31,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":50111,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01114{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969713965185,"flow_src_last_pkt_time":1431969713965185,"flow_dst_last_pkt_time":1431969713965185,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":18,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":18,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.39","src_port":13021,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01102{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":1431969642969264,"flow_src_last_pkt_time":1431969723490924,"flow_dst_last_pkt_time":1431969642969264,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":30,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":270,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":49903,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":4,"flow_first_seen":1431969714902925,"flow_src_last_pkt_time":1431969731550410,"flow_dst_last_pkt_time":1431969731550308,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":67,"flow_src_tot_l4_payload_len":160,"flow_dst_tot_l4_payload_len":100,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":50116,"dst_port":17639,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":4,"flow_first_seen":1431969714902925,"flow_src_last_pkt_time":1431969731550410,"flow_dst_last_pkt_time":1431969731550308,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":67,"flow_src_tot_l4_payload_len":160,"flow_dst_tot_l4_payload_len":100,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":50116,"dst_port":17639,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":4,"flow_first_seen":1431969714902925,"flow_src_last_pkt_time":1431969731550410,"flow_dst_last_pkt_time":1431969731550308,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":67,"flow_src_tot_l4_payload_len":160,"flow_dst_tot_l4_payload_len":100,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":50116,"dst_port":17639,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00871{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969714399341,"flow_src_last_pkt_time":1431969726002878,"flow_dst_last_pkt_time":1431969726002836,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":89,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":119,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"86.31.35.30","src_port":50115,"dst_port":59621,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00998{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969714399341,"flow_src_last_pkt_time":1431969726002878,"flow_dst_last_pkt_time":1431969726002836,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":89,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":119,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"86.31.35.30","src_port":50115,"dst_port":59621,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431969714399341,"flow_src_last_pkt_time":1431969726002878,"flow_dst_last_pkt_time":1431969726002836,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":89,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":119,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"86.31.35.30","src_port":50115,"dst_port":59621,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00878{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":24,"flow_dst_packets_processed":16,"flow_first_seen":1431969716015431,"flow_src_last_pkt_time":1431969752089466,"flow_dst_last_pkt_time":1431969752089367,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":753,"flow_dst_max_l4_payload_len":1124,"flow_src_tot_l4_payload_len":1517,"flow_dst_tot_l4_payload_len":1444,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":50121,"dst_port":17639,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01005{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":24,"flow_dst_packets_processed":16,"flow_first_seen":1431969716015431,"flow_src_last_pkt_time":1431969752089466,"flow_dst_last_pkt_time":1431969752089367,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":753,"flow_dst_max_l4_payload_len":1124,"flow_src_tot_l4_payload_len":1517,"flow_dst_tot_l4_payload_len":1444,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":50121,"dst_port":17639,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00790{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":24,"flow_dst_packets_processed":16,"flow_first_seen":1431969716015431,"flow_src_last_pkt_time":1431969752089466,"flow_dst_last_pkt_time":1431969752089367,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":753,"flow_dst_max_l4_payload_len":1124,"flow_src_tot_l4_payload_len":1517,"flow_dst_tot_l4_payload_len":1444,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":50121,"dst_port":17639,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00877{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":62,"flow_dst_packets_processed":38,"flow_first_seen":1431969715511238,"flow_src_last_pkt_time":1431969808618709,"flow_dst_last_pkt_time":1431969790381231,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":754,"flow_dst_max_l4_payload_len":1183,"flow_src_tot_l4_payload_len":2837,"flow_dst_tot_l4_payload_len":2809,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"86.31.35.30","src_port":50119,"dst_port":59621,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01004{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":62,"flow_dst_packets_processed":38,"flow_first_seen":1431969715511238,"flow_src_last_pkt_time":1431969808618709,"flow_dst_last_pkt_time":1431969790381231,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":754,"flow_dst_max_l4_payload_len":1183,"flow_src_tot_l4_payload_len":2837,"flow_dst_tot_l4_payload_len":2809,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"86.31.35.30","src_port":50119,"dst_port":59621,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00789{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":62,"flow_dst_packets_processed":38,"flow_first_seen":1431969715511238,"flow_src_last_pkt_time":1431969808618709,"flow_dst_last_pkt_time":1431969790381231,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":754,"flow_dst_max_l4_payload_len":1183,"flow_src_tot_l4_payload_len":2837,"flow_dst_tot_l4_payload_len":2809,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"86.31.35.30","src_port":50119,"dst_port":59621,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00780{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":17,"flow_dst_packets_processed":1,"flow_first_seen":1431969642376823,"flow_src_last_pkt_time":1431969712120603,"flow_dst_last_pkt_time":1431969642433995,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":191,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2483,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"23.223.73.34","src_port":50027,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01116{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969713965184,"flow_src_last_pkt_time":1431969713965184,"flow_dst_last_pkt_time":1431969713965184,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":18,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":18,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.145","src_port":13021,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01102{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969642398350,"flow_src_last_pkt_time":1431969668794885,"flow_dst_last_pkt_time":1431969642398350,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":46,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":46,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":322,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":49990,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431969705713833,"flow_src_last_pkt_time":1431969723790653,"flow_dst_last_pkt_time":1431969723790537,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":108,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":156,"flow_dst_tot_l4_payload_len":135,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.166","src_port":50099,"dst_port":40022,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431969705713833,"flow_src_last_pkt_time":1431969723790653,"flow_dst_last_pkt_time":1431969723790537,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":108,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":156,"flow_dst_tot_l4_payload_len":135,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.166","src_port":50099,"dst_port":40022,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431969705713833,"flow_src_last_pkt_time":1431969723790653,"flow_dst_last_pkt_time":1431969723790537,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":108,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":156,"flow_dst_tot_l4_payload_len":135,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.166","src_port":50099,"dst_port":40022,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969697530346,"flow_src_last_pkt_time":1431969725708440,"flow_dst_last_pkt_time":1431969725781654,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":49,"flow_src_tot_l4_payload_len":149,"flow_dst_tot_l4_payload_len":49,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.146","src_port":50088,"dst_port":33033,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969697530346,"flow_src_last_pkt_time":1431969725708440,"flow_dst_last_pkt_time":1431969725781654,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":49,"flow_src_tot_l4_payload_len":149,"flow_dst_tot_l4_payload_len":49,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.146","src_port":50088,"dst_port":33033,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969697530346,"flow_src_last_pkt_time":1431969725708440,"flow_dst_last_pkt_time":1431969725781654,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":49,"flow_src_tot_l4_payload_len":149,"flow_dst_tot_l4_payload_len":49,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.146","src_port":50088,"dst_port":33033,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01102{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969643971809,"flow_src_last_pkt_time":1431969670410701,"flow_dst_last_pkt_time":1431969643971809,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":60288,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00927{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431969681060077,"flow_src_last_pkt_time":1431969700978211,"flow_dst_last_pkt_time":1431969700978115,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":25,"flow_src_tot_l4_payload_len":429,"flow_dst_tot_l4_payload_len":25,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.12","src_port":50066,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} @@ -1962,7 +1962,7 @@ 01117{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969686494151,"flow_src_last_pkt_time":1431969686494151,"flow_dst_last_pkt_time":1431969686494151,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":31,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":31,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":31,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.29","src_port":13021,"dst_port":40024,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01116{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969655400081,"flow_src_last_pkt_time":1431969655400081,"flow_dst_last_pkt_time":1431969655400081,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.42","src_port":13021,"dst_port":40024,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01116{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969653376578,"flow_src_last_pkt_time":1431969653376578,"flow_dst_last_pkt_time":1431969653376578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":35,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.15","src_port":13021,"dst_port":40024,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969750597501,"flow_src_last_pkt_time":1431969790934910,"flow_dst_last_pkt_time":1431969791165736,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":124,"flow_dst_max_l4_payload_len":76,"flow_src_tot_l4_payload_len":840,"flow_dst_tot_l4_payload_len":76,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.53.47","src_port":50134,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969750597501,"flow_src_last_pkt_time":1431969790934910,"flow_dst_last_pkt_time":1431969791165736,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":124,"flow_dst_max_l4_payload_len":76,"flow_src_tot_l4_payload_len":840,"flow_dst_tot_l4_payload_len":76,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.53.47","src_port":50134,"dst_port":12350,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969750597501,"flow_src_last_pkt_time":1431969790934910,"flow_dst_last_pkt_time":1431969791165736,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":124,"flow_dst_max_l4_payload_len":76,"flow_src_tot_l4_payload_len":840,"flow_dst_tot_l4_payload_len":76,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.53.47","src_port":50134,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01117{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969661414015,"flow_src_last_pkt_time":1431969661414015,"flow_dst_last_pkt_time":1431969661414015,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.77.151","src_port":13021,"dst_port":40027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01117{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969657367969,"flow_src_last_pkt_time":1431969657367969,"flow_dst_last_pkt_time":1431969657367969,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":35,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.77.145","src_port":13021,"dst_port":40027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} @@ -1990,7 +1990,7 @@ 00780{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969675055729,"flow_src_last_pkt_time":1431969695880291,"flow_dst_last_pkt_time":1431969696024889,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":261,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.146","src_port":50056,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00929{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431969675055919,"flow_src_last_pkt_time":1431969694153200,"flow_dst_last_pkt_time":1431969694153109,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":41,"flow_src_tot_l4_payload_len":310,"flow_dst_tot_l4_payload_len":41,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.153","src_port":50057,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431969675055919,"flow_src_last_pkt_time":1431969694153200,"flow_dst_last_pkt_time":1431969694153109,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":41,"flow_src_tot_l4_payload_len":310,"flow_dst_tot_l4_payload_len":41,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.153","src_port":50057,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969714398565,"flow_src_last_pkt_time":1431969731992203,"flow_dst_last_pkt_time":1431969731992117,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":49,"flow_src_tot_l4_payload_len":116,"flow_dst_tot_l4_payload_len":86,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50114,"dst_port":31010,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969714398565,"flow_src_last_pkt_time":1431969731992203,"flow_dst_last_pkt_time":1431969731992117,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":49,"flow_src_tot_l4_payload_len":116,"flow_dst_tot_l4_payload_len":86,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50114,"dst_port":31010,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969714398565,"flow_src_last_pkt_time":1431969731992203,"flow_dst_last_pkt_time":1431969731992117,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":49,"flow_src_tot_l4_payload_len":116,"flow_dst_tot_l4_payload_len":86,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50114,"dst_port":31010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00879{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"info","flow_src_packets_processed":18,"flow_dst_packets_processed":13,"flow_first_seen":1431969715511090,"flow_src_last_pkt_time":1431969755484111,"flow_dst_last_pkt_time":1431969755483930,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":777,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1388,"flow_dst_tot_l4_payload_len":1230,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50118,"dst_port":31010,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00791{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"info","flow_src_packets_processed":18,"flow_dst_packets_processed":13,"flow_first_seen":1431969715511090,"flow_src_last_pkt_time":1431969755484111,"flow_dst_last_pkt_time":1431969755483930,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":777,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1388,"flow_dst_tot_l4_payload_len":1230,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50118,"dst_port":31010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} @@ -2005,10 +2005,10 @@ 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":205,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431969691076385,"flow_src_last_pkt_time":1431969708230648,"flow_dst_last_pkt_time":1431969708230581,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":457,"flow_dst_tot_l4_payload_len":79,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.156","src_port":50080,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00929{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431969692087049,"flow_src_last_pkt_time":1431969710209449,"flow_dst_last_pkt_time":1431969710209338,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":37,"flow_src_tot_l4_payload_len":478,"flow_dst_tot_l4_payload_len":37,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.176","src_port":50081,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431969692087049,"flow_src_last_pkt_time":1431969710209449,"flow_dst_last_pkt_time":1431969710209338,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":37,"flow_src_tot_l4_payload_len":478,"flow_dst_tot_l4_payload_len":37,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.176","src_port":50081,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969770694633,"flow_src_last_pkt_time":1431969788429727,"flow_dst_last_pkt_time":1431969788429522,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":82,"flow_dst_max_l4_payload_len":55,"flow_src_tot_l4_payload_len":138,"flow_dst_tot_l4_payload_len":107,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50137,"dst_port":31010,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969770694633,"flow_src_last_pkt_time":1431969788429727,"flow_dst_last_pkt_time":1431969788429522,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":82,"flow_dst_max_l4_payload_len":55,"flow_src_tot_l4_payload_len":138,"flow_dst_tot_l4_payload_len":107,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50137,"dst_port":31010,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431969770694633,"flow_src_last_pkt_time":1431969788429727,"flow_dst_last_pkt_time":1431969788429522,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":82,"flow_dst_max_l4_payload_len":55,"flow_src_tot_l4_payload_len":138,"flow_dst_tot_l4_payload_len":107,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50137,"dst_port":31010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01103{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":176,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969683445606,"flow_src_last_pkt_time":1431969709776102,"flow_dst_last_pkt_time":1431969683445606,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":58368,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00878{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":8,"flow_first_seen":1431969771806544,"flow_src_last_pkt_time":1431969808841301,"flow_dst_last_pkt_time":1431969776500630,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":776,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1393,"flow_dst_tot_l4_payload_len":1184,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50139,"dst_port":31010,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01005{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":8,"flow_first_seen":1431969771806544,"flow_src_last_pkt_time":1431969808841301,"flow_dst_last_pkt_time":1431969776500630,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":776,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1393,"flow_dst_tot_l4_payload_len":1184,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50139,"dst_port":31010,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00790{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":8,"flow_first_seen":1431969771806544,"flow_src_last_pkt_time":1431969808841301,"flow_dst_last_pkt_time":1431969776500630,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":776,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1393,"flow_dst_tot_l4_payload_len":1184,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":50139,"dst_port":31010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00927{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":216,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":3,"flow_first_seen":1431969699142169,"flow_src_last_pkt_time":1431969728344489,"flow_dst_last_pkt_time":1431969728419711,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":684,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.146","src_port":50091,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00781{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":216,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":3,"flow_first_seen":1431969699142169,"flow_src_last_pkt_time":1431969728344489,"flow_dst_last_pkt_time":1431969728419711,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":684,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.146","src_port":50091,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} @@ -2022,18 +2022,18 @@ 00782{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":3,"flow_first_seen":1431969691076248,"flow_src_last_pkt_time":1431969717938891,"flow_dst_last_pkt_time":1431969717999294,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":306,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.142","src_port":50079,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01103{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969720556330,"flow_src_last_pkt_time":1431969746803369,"flow_dst_last_pkt_time":1431969720556330,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":46,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":46,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":322,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":56387,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01103{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":175,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969683445395,"flow_src_last_pkt_time":1431969709776353,"flow_dst_last_pkt_time":1431969683445395,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":54343,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00871{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969675413612,"flow_src_last_pkt_time":1431969703766187,"flow_dst_last_pkt_time":1431969703766087,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":70,"flow_src_tot_l4_payload_len":94,"flow_dst_tot_l4_payload_len":78,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.38","src_port":50059,"dst_port":40015,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00998{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969675413612,"flow_src_last_pkt_time":1431969703766187,"flow_dst_last_pkt_time":1431969703766087,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":70,"flow_src_tot_l4_payload_len":94,"flow_dst_tot_l4_payload_len":78,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.38","src_port":50059,"dst_port":40015,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969675413612,"flow_src_last_pkt_time":1431969703766187,"flow_dst_last_pkt_time":1431969703766087,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":70,"flow_src_tot_l4_payload_len":94,"flow_dst_tot_l4_payload_len":78,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.38","src_port":50059,"dst_port":40015,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969673443716,"flow_src_last_pkt_time":1431969701528785,"flow_dst_last_pkt_time":1431969701528688,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":50,"flow_src_tot_l4_payload_len":140,"flow_dst_tot_l4_payload_len":58,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.47","src_port":50055,"dst_port":40030,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969673443716,"flow_src_last_pkt_time":1431969701528785,"flow_dst_last_pkt_time":1431969701528688,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":50,"flow_src_tot_l4_payload_len":140,"flow_dst_tot_l4_payload_len":58,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.47","src_port":50055,"dst_port":40030,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969673443716,"flow_src_last_pkt_time":1431969701528785,"flow_dst_last_pkt_time":1431969701528688,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":50,"flow_src_tot_l4_payload_len":140,"flow_dst_tot_l4_payload_len":58,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.47","src_port":50055,"dst_port":40030,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01103{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":157,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969677975446,"flow_src_last_pkt_time":1431969704363268,"flow_dst_last_pkt_time":1431969677975446,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":58458,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969695483561,"flow_src_last_pkt_time":1431969723584637,"flow_dst_last_pkt_time":1431969723584541,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":83,"flow_src_tot_l4_payload_len":115,"flow_dst_tot_l4_payload_len":91,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.77.142","src_port":50086,"dst_port":40023,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969695483561,"flow_src_last_pkt_time":1431969723584637,"flow_dst_last_pkt_time":1431969723584541,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":83,"flow_src_tot_l4_payload_len":115,"flow_dst_tot_l4_payload_len":91,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.77.142","src_port":50086,"dst_port":40023,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431969695483561,"flow_src_last_pkt_time":1431969723584637,"flow_dst_last_pkt_time":1431969723584541,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":75,"flow_dst_max_l4_payload_len":83,"flow_src_tot_l4_payload_len":115,"flow_dst_tot_l4_payload_len":91,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.77.142","src_port":50086,"dst_port":40023,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00872{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969704663999,"flow_src_last_pkt_time":1431969718237861,"flow_dst_last_pkt_time":1431969718237742,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":62,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":118,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.46","src_port":50096,"dst_port":40027,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00999{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969704663999,"flow_src_last_pkt_time":1431969718237861,"flow_dst_last_pkt_time":1431969718237742,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":62,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":118,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.46","src_port":50096,"dst_port":40027,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431969704663999,"flow_src_last_pkt_time":1431969718237861,"flow_dst_last_pkt_time":1431969718237742,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":62,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":118,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.46","src_port":50096,"dst_port":40027,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01101{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431969642244935,"flow_src_last_pkt_time":1431969668794481,"flow_dst_last_pkt_time":1431969642244935,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":31,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":31,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":217,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":54396,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00971{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1431969745776534,"flow_src_last_pkt_time":1431969745776598,"flow_dst_last_pkt_time":1431969745776534,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":132,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":133,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":265,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"239.255.255.250","src_port":56886,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00871{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":5,"flow_first_seen":1431969725833987,"flow_src_last_pkt_time":1431969741920429,"flow_dst_last_pkt_time":1431969741920359,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":56,"flow_src_tot_l4_payload_len":152,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":50132,"dst_port":13392,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00998{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":5,"flow_first_seen":1431969725833987,"flow_src_last_pkt_time":1431969741920429,"flow_dst_last_pkt_time":1431969741920359,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":56,"flow_src_tot_l4_payload_len":152,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":50132,"dst_port":13392,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00783{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":5,"flow_first_seen":1431969725833987,"flow_src_last_pkt_time":1431969741920429,"flow_dst_last_pkt_time":1431969741920359,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":56,"flow_src_tot_l4_payload_len":152,"flow_dst_tot_l4_payload_len":64,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":50132,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00787{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":7,"flow_first_seen":1431969727446487,"flow_src_last_pkt_time":1431969727685310,"flow_dst_last_pkt_time":1431969727738197,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1352,"flow_dst_max_l4_payload_len":133,"flow_src_tot_l4_payload_len":1362,"flow_dst_tot_l4_payload_len":162,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":50133,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01125{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":187,"flow_dst_packets_processed":200,"flow_first_seen":1431969642444382,"flow_src_last_pkt_time":1431969808620001,"flow_dst_last_pkt_time":1431969778682206,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":30185,"flow_dst_tot_l4_payload_len":142347,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.126.211","src_port":50028,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"7": {"risk":"Obsolete TLS (v1.1 or older)","severity":"High","risk_score": {"total":310,"client":275,"server":35}}},"confidence": {"6":"DPI"},"proto":"TLS.Skype_Teams","proto_id":"91.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} @@ -2057,9 +2057,9 @@ 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969662422217,"flow_src_last_pkt_time":1431969662422217,"flow_dst_last_pkt_time":1431969662422217,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.25","src_port":13021,"dst_port":40028,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01116{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969665416714,"flow_src_last_pkt_time":1431969665416714,"flow_dst_last_pkt_time":1431969665416714,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.24","src_port":13021,"dst_port":40032,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969664405665,"flow_src_last_pkt_time":1431969664405665,"flow_dst_last_pkt_time":1431969664405665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":22,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":22,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":22,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.20","src_port":13021,"dst_port":40033,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00874{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":6,"flow_first_seen":1431969716182666,"flow_src_last_pkt_time":1431969728657604,"flow_dst_last_pkt_time":1431969728657420,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":110,"flow_dst_max_l4_payload_len":88,"flow_src_tot_l4_payload_len":166,"flow_dst_tot_l4_payload_len":126,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.133.19.185","src_port":50122,"dst_port":44431,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01001{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":6,"flow_first_seen":1431969716182666,"flow_src_last_pkt_time":1431969728657604,"flow_dst_last_pkt_time":1431969728657420,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":110,"flow_dst_max_l4_payload_len":88,"flow_src_tot_l4_payload_len":166,"flow_dst_tot_l4_payload_len":126,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.133.19.185","src_port":50122,"dst_port":44431,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00786{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":6,"flow_first_seen":1431969716182666,"flow_src_last_pkt_time":1431969728657604,"flow_dst_last_pkt_time":1431969728657420,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":110,"flow_dst_max_l4_payload_len":88,"flow_src_tot_l4_payload_len":166,"flow_dst_tot_l4_payload_len":126,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.133.19.185","src_port":50122,"dst_port":44431,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00873{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":11,"flow_first_seen":1431969717295253,"flow_src_last_pkt_time":1431969788791433,"flow_dst_last_pkt_time":1431969788791276,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":26,"flow_src_tot_l4_payload_len":128,"flow_dst_tot_l4_payload_len":44,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.133.19.185","src_port":50124,"dst_port":44431,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01000{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":11,"flow_first_seen":1431969717295253,"flow_src_last_pkt_time":1431969788791433,"flow_dst_last_pkt_time":1431969788791276,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":26,"flow_src_tot_l4_payload_len":128,"flow_dst_tot_l4_payload_len":44,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.133.19.185","src_port":50124,"dst_port":44431,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00785{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":11,"flow_first_seen":1431969717295253,"flow_src_last_pkt_time":1431969788791433,"flow_dst_last_pkt_time":1431969788791276,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":26,"flow_src_tot_l4_payload_len":128,"flow_dst_tot_l4_payload_len":44,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.133.19.185","src_port":50124,"dst_port":44431,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01117{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":1431969713813443,"flow_src_last_pkt_time":1431969733946836,"flow_dst_last_pkt_time":1431969713813443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":18,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":90,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"176.26.55.167","src_port":13021,"dst_port":63773,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01117{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/skype.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431969662422043,"flow_src_last_pkt_time":1431969662422043,"flow_dst_last_pkt_time":1431969662422043,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":37,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":37,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":37,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431969808951480,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.152","src_port":13021,"dst_port":40001,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} @@ -2132,9 +2132,9 @@ ~~ total active/idle flows...: 293/293 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8520971 bytes -~~ total memory freed........: 8520971 bytes -~~ total allocations/frees...: 149085/149085 +~~ total memory allocated....: 8700972 bytes +~~ total memory freed........: 8700972 bytes +~~ total allocations/frees...: 152766/152766 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 2483 chars diff --git a/test/results/default/skype_no_unknown.pcap.out b/test/results/default/skype_no_unknown.pcap.out index 55da63171..b7ce0e4d0 100644 --- a/test/results/default/skype_no_unknown.pcap.out +++ b/test/results/default/skype_no_unknown.pcap.out @@ -1281,10 +1281,10 @@ 01127{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970658879063,"flow_src_last_pkt_time":1431970658879063,"flow_dst_last_pkt_time":1431970658879063,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.16","src_port":13021,"dst_port":40032,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01127{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":123,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970659834986,"flow_src_last_pkt_time":1431970659834986,"flow_dst_last_pkt_time":1431970659834986,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":35,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.20","src_port":13021,"dst_port":40033,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431970634729529,"flow_src_last_pkt_time":1431970661287394,"flow_dst_last_pkt_time":1431970634729529,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":245,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":59113,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00883{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970687670182,"flow_src_last_pkt_time":1431970706351837,"flow_dst_last_pkt_time":1431970706351735,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":85,"flow_dst_max_l4_payload_len":52,"flow_src_tot_l4_payload_len":133,"flow_dst_tot_l4_payload_len":102,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":51289,"dst_port":18767,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01010{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970687670182,"flow_src_last_pkt_time":1431970706351837,"flow_dst_last_pkt_time":1431970706351735,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":85,"flow_dst_max_l4_payload_len":52,"flow_src_tot_l4_payload_len":133,"flow_dst_tot_l4_payload_len":102,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":51289,"dst_port":18767,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00795{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970687670182,"flow_src_last_pkt_time":1431970706351837,"flow_dst_last_pkt_time":1431970706351735,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":85,"flow_dst_max_l4_payload_len":52,"flow_src_tot_l4_payload_len":133,"flow_dst_tot_l4_payload_len":102,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":51289,"dst_port":18767,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00792{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":1,"flow_first_seen":1431970635489934,"flow_src_last_pkt_time":1431970690062563,"flow_dst_last_pkt_time":1431970635534408,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":185,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2405,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"23.206.33.166","src_port":51231,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00889{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"info","flow_src_packets_processed":17,"flow_dst_packets_processed":13,"flow_first_seen":1431970688781923,"flow_src_last_pkt_time":1431970693328452,"flow_dst_last_pkt_time":1431970693454788,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":777,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1552,"flow_dst_tot_l4_payload_len":1348,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":51292,"dst_port":18767,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01016{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"info","flow_src_packets_processed":17,"flow_dst_packets_processed":13,"flow_first_seen":1431970688781923,"flow_src_last_pkt_time":1431970693328452,"flow_dst_last_pkt_time":1431970693454788,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":777,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1552,"flow_dst_tot_l4_payload_len":1348,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":51292,"dst_port":18767,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00802{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"info","flow_src_packets_processed":17,"flow_dst_packets_processed":13,"flow_first_seen":1431970688781923,"flow_src_last_pkt_time":1431970693328452,"flow_dst_last_pkt_time":1431970693454788,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":777,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1552,"flow_dst_tot_l4_payload_len":1348,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"71.238.7.203","src_port":51292,"dst_port":18767,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431970634276297,"flow_src_last_pkt_time":1431970660781889,"flow_dst_last_pkt_time":1431970634276297,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":252,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":55028,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00793{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":1,"flow_first_seen":1431970690191533,"flow_src_last_pkt_time":1431970705014710,"flow_dst_last_pkt_time":1431970690235132,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":167,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1336,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"23.206.33.166","src_port":51295,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} @@ -1293,26 +1293,26 @@ 00934{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":229,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431970686843964,"flow_src_last_pkt_time":1431970686906874,"flow_dst_last_pkt_time":1431970687201898,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":5,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":5,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":51286,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00788{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":229,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431970686843964,"flow_src_last_pkt_time":1431970686906874,"flow_dst_last_pkt_time":1431970687201898,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":5,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":5,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":51286,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01114{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431970668278677,"flow_src_last_pkt_time":1431970694737954,"flow_dst_last_pkt_time":1431970668278677,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":252,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":63342,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00883{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431970699896876,"flow_src_last_pkt_time":1431970708272876,"flow_dst_last_pkt_time":1431970700104147,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":62,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":110,"flow_dst_tot_l4_payload_len":80,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"93.79.224.176","src_port":51311,"dst_port":14506,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01010{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431970699896876,"flow_src_last_pkt_time":1431970708272876,"flow_dst_last_pkt_time":1431970700104147,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":62,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":110,"flow_dst_tot_l4_payload_len":80,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"93.79.224.176","src_port":51311,"dst_port":14506,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00795{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431970699896876,"flow_src_last_pkt_time":1431970708272876,"flow_dst_last_pkt_time":1431970700104147,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":62,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":110,"flow_dst_tot_l4_payload_len":80,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"93.79.224.176","src_port":51311,"dst_port":14506,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00884{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":9,"flow_first_seen":1431970701508822,"flow_src_last_pkt_time":1431970702461946,"flow_dst_last_pkt_time":1431970702603491,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":323,"flow_dst_max_l4_payload_len":38,"flow_src_tot_l4_payload_len":669,"flow_dst_tot_l4_payload_len":50,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"93.79.224.176","src_port":51314,"dst_port":14506,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01011{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":9,"flow_first_seen":1431970701508822,"flow_src_last_pkt_time":1431970702461946,"flow_dst_last_pkt_time":1431970702603491,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":323,"flow_dst_max_l4_payload_len":38,"flow_src_tot_l4_payload_len":669,"flow_dst_tot_l4_payload_len":50,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"93.79.224.176","src_port":51314,"dst_port":14506,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00797{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":9,"flow_first_seen":1431970701508822,"flow_src_last_pkt_time":1431970702461946,"flow_dst_last_pkt_time":1431970702603491,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":323,"flow_dst_max_l4_payload_len":38,"flow_src_tot_l4_payload_len":669,"flow_dst_tot_l4_payload_len":50,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"93.79.224.176","src_port":51314,"dst_port":14506,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00934{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":4,"flow_first_seen":1431970693196942,"flow_src_last_pkt_time":1431970706224170,"flow_dst_last_pkt_time":1431970706224058,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":5,"flow_dst_max_l4_payload_len":5,"flow_src_tot_l4_payload_len":5,"flow_dst_tot_l4_payload_len":5,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":51302,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00788{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":4,"flow_first_seen":1431970693196942,"flow_src_last_pkt_time":1431970706224170,"flow_dst_last_pkt_time":1431970706224058,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":5,"flow_dst_max_l4_payload_len":5,"flow_src_tot_l4_payload_len":5,"flow_dst_tot_l4_payload_len":5,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":51302,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00883{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431970688560737,"flow_src_last_pkt_time":1431970700671714,"flow_dst_last_pkt_time":1431970700671602,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":102,"flow_dst_max_l4_payload_len":70,"flow_src_tot_l4_payload_len":150,"flow_dst_tot_l4_payload_len":78,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":51291,"dst_port":17639,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01010{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431970688560737,"flow_src_last_pkt_time":1431970700671714,"flow_dst_last_pkt_time":1431970700671602,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":102,"flow_dst_max_l4_payload_len":70,"flow_src_tot_l4_payload_len":150,"flow_dst_tot_l4_payload_len":78,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":51291,"dst_port":17639,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00795{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431970688560737,"flow_src_last_pkt_time":1431970700671714,"flow_dst_last_pkt_time":1431970700671602,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":102,"flow_dst_max_l4_payload_len":70,"flow_src_tot_l4_payload_len":150,"flow_dst_tot_l4_payload_len":78,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":51291,"dst_port":17639,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00889{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":19,"flow_dst_packets_processed":14,"flow_first_seen":1431970689672643,"flow_src_last_pkt_time":1431970694329349,"flow_dst_last_pkt_time":1431970694329250,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":752,"flow_dst_max_l4_payload_len":1124,"flow_src_tot_l4_payload_len":1528,"flow_dst_tot_l4_payload_len":1371,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":51294,"dst_port":17639,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01016{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":19,"flow_dst_packets_processed":14,"flow_first_seen":1431970689672643,"flow_src_last_pkt_time":1431970694329349,"flow_dst_last_pkt_time":1431970694329250,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":752,"flow_dst_max_l4_payload_len":1124,"flow_src_tot_l4_payload_len":1528,"flow_dst_tot_l4_payload_len":1371,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":51294,"dst_port":17639,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00802{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":19,"flow_dst_packets_processed":14,"flow_first_seen":1431970689672643,"flow_src_last_pkt_time":1431970694329349,"flow_dst_last_pkt_time":1431970694329250,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":752,"flow_dst_max_l4_payload_len":1124,"flow_src_tot_l4_payload_len":1528,"flow_dst_tot_l4_payload_len":1371,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"81.83.77.141","src_port":51294,"dst_port":17639,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00884{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":2,"flow_first_seen":1431970691351277,"flow_src_last_pkt_time":1431970701913282,"flow_dst_last_pkt_time":1431970691489782,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":71,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":127,"flow_dst_tot_l4_payload_len":79,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"82.224.110.241","src_port":51298,"dst_port":38895,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01011{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":2,"flow_first_seen":1431970691351277,"flow_src_last_pkt_time":1431970701913282,"flow_dst_last_pkt_time":1431970691489782,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":71,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":127,"flow_dst_tot_l4_payload_len":79,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"82.224.110.241","src_port":51298,"dst_port":38895,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00796{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":2,"flow_first_seen":1431970691351277,"flow_src_last_pkt_time":1431970701913282,"flow_dst_last_pkt_time":1431970691489782,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":71,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":127,"flow_dst_tot_l4_payload_len":79,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"82.224.110.241","src_port":51298,"dst_port":38895,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00884{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":7,"flow_first_seen":1431970692464197,"flow_src_last_pkt_time":1431970694362658,"flow_dst_last_pkt_time":1431970694362530,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":41,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":97,"flow_dst_tot_l4_payload_len":177,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"82.224.110.241","src_port":51301,"dst_port":38895,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01011{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":7,"flow_first_seen":1431970692464197,"flow_src_last_pkt_time":1431970694362658,"flow_dst_last_pkt_time":1431970694362530,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":41,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":97,"flow_dst_tot_l4_payload_len":177,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"82.224.110.241","src_port":51301,"dst_port":38895,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00797{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":7,"flow_first_seen":1431970692464197,"flow_src_last_pkt_time":1431970694362658,"flow_dst_last_pkt_time":1431970694362530,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":41,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":97,"flow_dst_tot_l4_payload_len":177,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"82.224.110.241","src_port":51301,"dst_port":38895,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01070{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":1431970685839326,"flow_src_last_pkt_time":1431970687668942,"flow_dst_last_pkt_time":1431970685839326,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":48,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.1","dst_ip":"192.168.1.34","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1431970648979653,"flow_src_last_pkt_time":1431970679027972,"flow_dst_last_pkt_time":1431970648979653,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":502,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":502,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1004,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.92","dst_ip":"255.255.255.255","src_port":17500,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Dropbox","proto_id":"121","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":13,"category":"Cloud"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1431970648880273,"flow_src_last_pkt_time":1431970678945749,"flow_dst_last_pkt_time":1431970648880273,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":502,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":502,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1004,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"255.255.255.255","src_port":17500,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Dropbox","proto_id":"121","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":13,"category":"Cloud"}} -00881{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431970659834732,"flow_src_last_pkt_time":1431970689347058,"flow_dst_last_pkt_time":1431970689548937,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":88,"flow_dst_max_l4_payload_len":83,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":83,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.166","src_port":51251,"dst_port":40029,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01008{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431970659834732,"flow_src_last_pkt_time":1431970689347058,"flow_dst_last_pkt_time":1431970689548937,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":88,"flow_dst_max_l4_payload_len":83,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":83,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.166","src_port":51251,"dst_port":40029,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00793{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431970659834732,"flow_src_last_pkt_time":1431970689347058,"flow_dst_last_pkt_time":1431970689548937,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":88,"flow_dst_max_l4_payload_len":83,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":83,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.166","src_port":51251,"dst_port":40029,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00883{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431970682971692,"flow_src_last_pkt_time":1431970692227999,"flow_dst_last_pkt_time":1431970692227904,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":66,"flow_dst_max_l4_payload_len":107,"flow_src_tot_l4_payload_len":106,"flow_dst_tot_l4_payload_len":115,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.159","src_port":51278,"dst_port":40009,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01010{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431970682971692,"flow_src_last_pkt_time":1431970692227999,"flow_dst_last_pkt_time":1431970692227904,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":66,"flow_dst_max_l4_payload_len":107,"flow_src_tot_l4_payload_len":106,"flow_dst_tot_l4_payload_len":115,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.159","src_port":51278,"dst_port":40009,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00795{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431970682971692,"flow_src_last_pkt_time":1431970692227999,"flow_dst_last_pkt_time":1431970692227904,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":66,"flow_dst_max_l4_payload_len":107,"flow_src_tot_l4_payload_len":106,"flow_dst_tot_l4_payload_len":115,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"64.4.23.159","src_port":51278,"dst_port":40009,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00935{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970664361045,"flow_src_last_pkt_time":1431970664361045,"flow_dst_last_pkt_time":1431970664361045,"flow_idle_time":620000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":8,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":8,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.0.254","dst_ip":"224.0.0.1","l4_proto":2,"flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"IGMP","proto_id":"82","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00937{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970664698567,"flow_src_last_pkt_time":1431970664698567,"flow_dst_last_pkt_time":1431970664698567,"flow_idle_time":620000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":8,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":8,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.229","dst_ip":"224.0.0.251","l4_proto":2,"flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"IGMP","proto_id":"82","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} @@ -1325,13 +1325,13 @@ 01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431970634731075,"flow_src_last_pkt_time":1431970661287747,"flow_dst_last_pkt_time":1431970634731075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":53372,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00937{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970651380247,"flow_src_last_pkt_time":1431970679634661,"flow_dst_last_pkt_time":1431970679713062,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":576,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.147","src_port":51238,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00791{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970651380247,"flow_src_last_pkt_time":1431970679634661,"flow_dst_last_pkt_time":1431970679713062,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":576,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.147","src_port":51238,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00885{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431970687670559,"flow_src_last_pkt_time":1431970703163899,"flow_dst_last_pkt_time":1431970703163786,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":90,"flow_dst_max_l4_payload_len":100,"flow_src_tot_l4_payload_len":146,"flow_dst_tot_l4_payload_len":144,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":51290,"dst_port":31010,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01012{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431970687670559,"flow_src_last_pkt_time":1431970703163899,"flow_dst_last_pkt_time":1431970703163786,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":90,"flow_dst_max_l4_payload_len":100,"flow_src_tot_l4_payload_len":146,"flow_dst_tot_l4_payload_len":144,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":51290,"dst_port":31010,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00797{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431970687670559,"flow_src_last_pkt_time":1431970703163899,"flow_dst_last_pkt_time":1431970703163786,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":90,"flow_dst_max_l4_payload_len":100,"flow_src_tot_l4_payload_len":146,"flow_dst_tot_l4_payload_len":144,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":51290,"dst_port":31010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00939{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":81,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431970652388904,"flow_src_last_pkt_time":1431970670585326,"flow_dst_last_pkt_time":1431970670585240,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":541,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.176","src_port":51241,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00793{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":81,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431970652388904,"flow_src_last_pkt_time":1431970670585326,"flow_dst_last_pkt_time":1431970670585240,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":541,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.176","src_port":51241,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":58,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1431970648982373,"flow_src_last_pkt_time":1431970679028646,"flow_dst_last_pkt_time":1431970648982373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":502,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":502,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1004,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.92","dst_ip":"192.168.1.255","src_port":17500,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Dropbox","proto_id":"121","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":13,"category":"Cloud"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":56,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1431970648880591,"flow_src_last_pkt_time":1431970678946074,"flow_dst_last_pkt_time":1431970648880591,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":502,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":502,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1004,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.255","src_port":17500,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Dropbox","proto_id":"121","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":13,"category":"Cloud"}} -00889{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":8,"flow_first_seen":1431970688782103,"flow_src_last_pkt_time":1431970692885519,"flow_dst_last_pkt_time":1431970692885443,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":777,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1390,"flow_dst_tot_l4_payload_len":1171,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":51293,"dst_port":31010,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01016{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":8,"flow_first_seen":1431970688782103,"flow_src_last_pkt_time":1431970692885519,"flow_dst_last_pkt_time":1431970692885443,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":777,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1390,"flow_dst_tot_l4_payload_len":1171,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":51293,"dst_port":31010,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00802{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":8,"flow_first_seen":1431970688782103,"flow_src_last_pkt_time":1431970692885519,"flow_dst_last_pkt_time":1431970692885443,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":777,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1390,"flow_dst_tot_l4_payload_len":1171,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"5.248.186.221","src_port":51293,"dst_port":31010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00940{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431970668514761,"flow_src_last_pkt_time":1431970686964847,"flow_dst_last_pkt_time":1431970686964732,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":59,"flow_src_tot_l4_payload_len":457,"flow_dst_tot_l4_payload_len":59,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.142","src_port":51260,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00794{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431970668514761,"flow_src_last_pkt_time":1431970686964847,"flow_dst_last_pkt_time":1431970686964732,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":59,"flow_src_tot_l4_payload_len":457,"flow_dst_tot_l4_payload_len":59,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.142","src_port":51260,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} @@ -1349,7 +1349,7 @@ 00793{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":160,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":3,"flow_first_seen":1431970668515289,"flow_src_last_pkt_time":1431970693271419,"flow_dst_last_pkt_time":1431970693321713,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":567,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.176","src_port":51262,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00941{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":185,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431970675578247,"flow_src_last_pkt_time":1431970692134625,"flow_dst_last_pkt_time":1431970692134511,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":338,"flow_dst_tot_l4_payload_len":79,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.175","src_port":51271,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} 00795{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":185,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431970675578247,"flow_src_last_pkt_time":1431970692134625,"flow_dst_last_pkt_time":1431970692134511,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":79,"flow_src_tot_l4_payload_len":338,"flow_dst_tot_l4_payload_len":79,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.175","src_port":51271,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00882{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431970649777696,"flow_src_last_pkt_time":1431970678255480,"flow_dst_last_pkt_time":1431970678255384,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":78,"flow_dst_max_l4_payload_len":67,"flow_src_tot_l4_payload_len":118,"flow_dst_tot_l4_payload_len":75,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.45","src_port":51236,"dst_port":40008,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01009{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431970649777696,"flow_src_last_pkt_time":1431970678255480,"flow_dst_last_pkt_time":1431970678255384,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":78,"flow_dst_max_l4_payload_len":67,"flow_src_tot_l4_payload_len":118,"flow_dst_tot_l4_payload_len":75,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.45","src_port":51236,"dst_port":40008,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00794{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431970649777696,"flow_src_last_pkt_time":1431970678255480,"flow_dst_last_pkt_time":1431970678255384,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":78,"flow_dst_max_l4_payload_len":67,"flow_src_tot_l4_payload_len":118,"flow_dst_tot_l4_payload_len":75,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.45","src_port":51236,"dst_port":40008,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00976{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970643669769,"flow_src_last_pkt_time":1431970643669769,"flow_dst_last_pkt_time":1431970643669769,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":50,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":50,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":50,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.92","dst_ip":"192.168.1.255","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NetBIOS","proto_id":"10","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 01104{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":2,"flow_first_seen":1431970642412443,"flow_src_last_pkt_time":1431970643680280,"flow_dst_last_pkt_time":1431970643676745,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":62,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":229,"flow_dst_max_l4_payload_len":50,"flow_src_tot_l4_payload_len":706,"flow_dst_tot_l4_payload_len":100,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.1","dst_ip":"192.168.1.34","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NetBIOS","proto_id":"10","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} @@ -1360,25 +1360,25 @@ 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1431970643964341,"flow_src_last_pkt_time":1431970644121096,"flow_dst_last_pkt_time":1431970643964341,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":134,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip6","src_ip":"fe80::c62c:3ff:fe06:49fe","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00938{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":174,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970672329260,"flow_src_last_pkt_time":1431970672329260,"flow_dst_last_pkt_time":1431970672329260,"flow_idle_time":620000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":8,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":8,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.219","dst_ip":"233.89.188.1","l4_proto":2,"flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"IGMP","proto_id":"82","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01129{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970687262067,"flow_src_last_pkt_time":1431970687262067,"flow_dst_last_pkt_time":1431970687262067,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":18,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":18,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"189.138.161.88","src_port":13021,"dst_port":19521,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00883{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431970666902983,"flow_src_last_pkt_time":1431970694879610,"flow_dst_last_pkt_time":1431970694879496,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":49,"flow_dst_max_l4_payload_len":77,"flow_src_tot_l4_payload_len":89,"flow_dst_tot_l4_payload_len":85,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.77.142","src_port":51256,"dst_port":40013,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01010{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431970666902983,"flow_src_last_pkt_time":1431970694879610,"flow_dst_last_pkt_time":1431970694879496,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":49,"flow_dst_max_l4_payload_len":77,"flow_src_tot_l4_payload_len":89,"flow_dst_tot_l4_payload_len":85,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.77.142","src_port":51256,"dst_port":40013,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00795{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431970666902983,"flow_src_last_pkt_time":1431970694879610,"flow_dst_last_pkt_time":1431970694879496,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":49,"flow_dst_max_l4_payload_len":77,"flow_src_tot_l4_payload_len":89,"flow_dst_tot_l4_payload_len":85,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.77.142","src_port":51256,"dst_port":40013,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431970634730943,"flow_src_last_pkt_time":1431970661287560,"flow_dst_last_pkt_time":1431970634730943,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":57592,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00884{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431970657867433,"flow_src_last_pkt_time":1431970685617220,"flow_dst_last_pkt_time":1431970685617101,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":92,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":132,"flow_dst_tot_l4_payload_len":88,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.77.175","src_port":51248,"dst_port":40030,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01011{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431970657867433,"flow_src_last_pkt_time":1431970685617220,"flow_dst_last_pkt_time":1431970685617101,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":92,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":132,"flow_dst_tot_l4_payload_len":88,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.77.175","src_port":51248,"dst_port":40030,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00796{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431970657867433,"flow_src_last_pkt_time":1431970685617220,"flow_dst_last_pkt_time":1431970685617101,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":92,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":132,"flow_dst_tot_l4_payload_len":88,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.77.175","src_port":51248,"dst_port":40030,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00894{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":210,"flow_state":"info","flow_src_packets_processed":101,"flow_dst_packets_processed":98,"flow_first_seen":1431970682971895,"flow_src_last_pkt_time":1431970705724794,"flow_dst_last_pkt_time":1431970705724677,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":23871,"flow_dst_tot_l4_payload_len":53458,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.48","src_port":51279,"dst_port":40008,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01021{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":210,"flow_state":"info","flow_src_packets_processed":101,"flow_dst_packets_processed":98,"flow_first_seen":1431970682971895,"flow_src_last_pkt_time":1431970705724794,"flow_dst_last_pkt_time":1431970705724677,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":23871,"flow_dst_tot_l4_payload_len":53458,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.48","src_port":51279,"dst_port":40008,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00807{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":210,"flow_state":"info","flow_src_packets_processed":101,"flow_dst_packets_processed":98,"flow_first_seen":1431970682971895,"flow_src_last_pkt_time":1431970705724794,"flow_dst_last_pkt_time":1431970705724677,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":23871,"flow_dst_tot_l4_payload_len":53458,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.48","src_port":51279,"dst_port":40008,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00884{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":4,"flow_first_seen":1431970671951288,"flow_src_last_pkt_time":1431970689889616,"flow_dst_last_pkt_time":1431970689889519,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":93,"flow_dst_max_l4_payload_len":98,"flow_src_tot_l4_payload_len":125,"flow_dst_tot_l4_payload_len":106,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.18","src_port":51267,"dst_port":40025,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01011{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":4,"flow_first_seen":1431970671951288,"flow_src_last_pkt_time":1431970689889616,"flow_dst_last_pkt_time":1431970689889519,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":93,"flow_dst_max_l4_payload_len":98,"flow_src_tot_l4_payload_len":125,"flow_dst_tot_l4_payload_len":106,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.18","src_port":51267,"dst_port":40025,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00796{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":4,"flow_first_seen":1431970671951288,"flow_src_last_pkt_time":1431970689889616,"flow_dst_last_pkt_time":1431970689889519,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":93,"flow_dst_max_l4_payload_len":98,"flow_src_tot_l4_payload_len":125,"flow_dst_tot_l4_payload_len":106,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.18","src_port":51267,"dst_port":40025,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01126{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":237,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970688025302,"flow_src_last_pkt_time":1431970688025302,"flow_dst_last_pkt_time":1431970688025302,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":18,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":18,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.14","src_port":13021,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 00982{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":224,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1431970685835365,"flow_src_last_pkt_time":1431970685835379,"flow_dst_last_pkt_time":1431970685835365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":132,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":133,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":265,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"239.255.255.250","src_port":58061,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00799{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":127,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":1431970660159683,"flow_src_last_pkt_time":1431970690798430,"flow_dst_last_pkt_time":1431970690578281,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":277,"flow_dst_max_l4_payload_len":954,"flow_src_tot_l4_payload_len":554,"flow_dst_tot_l4_payload_len":1908,"midstream":1,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"108.160.163.108","dst_ip":"192.168.1.34","src_port":443,"dst_port":51222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00882{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431970695865959,"flow_src_last_pkt_time":1431970707876926,"flow_dst_last_pkt_time":1431970707876808,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":93,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":157,"flow_dst_tot_l4_payload_len":61,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":51305,"dst_port":13392,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01009{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431970695865959,"flow_src_last_pkt_time":1431970707876926,"flow_dst_last_pkt_time":1431970707876808,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":93,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":157,"flow_dst_tot_l4_payload_len":61,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":51305,"dst_port":13392,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00794{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431970695865959,"flow_src_last_pkt_time":1431970707876926,"flow_dst_last_pkt_time":1431970707876808,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":93,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":157,"flow_dst_tot_l4_payload_len":61,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":51305,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01105{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":19,"flow_dst_packets_processed":7,"flow_first_seen":1431970697478490,"flow_src_last_pkt_time":1431970707879494,"flow_dst_last_pkt_time":1431970697637334,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":57,"flow_src_tot_l4_payload_len":15702,"flow_dst_tot_l4_payload_len":67,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":51307,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} -00882{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431970698661976,"flow_src_last_pkt_time":1431970706984168,"flow_dst_last_pkt_time":1431970698767857,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":75,"flow_src_tot_l4_payload_len":112,"flow_dst_tot_l4_payload_len":75,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":51309,"dst_port":13392,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01009{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431970698661976,"flow_src_last_pkt_time":1431970706984168,"flow_dst_last_pkt_time":1431970698767857,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":75,"flow_src_tot_l4_payload_len":112,"flow_dst_tot_l4_payload_len":75,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":51309,"dst_port":13392,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00794{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431970698661976,"flow_src_last_pkt_time":1431970706984168,"flow_dst_last_pkt_time":1431970698767857,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":75,"flow_src_tot_l4_payload_len":112,"flow_dst_tot_l4_payload_len":75,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":51309,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01105{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":18,"flow_dst_packets_processed":7,"flow_first_seen":1431970700273545,"flow_src_last_pkt_time":1431970706319390,"flow_dst_last_pkt_time":1431970700430801,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":57,"flow_src_tot_l4_payload_len":13911,"flow_dst_tot_l4_payload_len":67,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":51312,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}} -00884{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431970704329249,"flow_src_last_pkt_time":1431970708726988,"flow_dst_last_pkt_time":1431970704418263,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":76,"flow_dst_max_l4_payload_len":108,"flow_src_tot_l4_payload_len":124,"flow_dst_tot_l4_payload_len":108,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":51316,"dst_port":13392,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01011{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431970704329249,"flow_src_last_pkt_time":1431970708726988,"flow_dst_last_pkt_time":1431970704418263,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":76,"flow_dst_max_l4_payload_len":108,"flow_src_tot_l4_payload_len":124,"flow_dst_tot_l4_payload_len":108,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":51316,"dst_port":13392,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00796{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431970704329249,"flow_src_last_pkt_time":1431970708726988,"flow_dst_last_pkt_time":1431970704418263,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":76,"flow_dst_max_l4_payload_len":108,"flow_src_tot_l4_payload_len":124,"flow_dst_tot_l4_payload_len":108,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":51316,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00797{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":8,"flow_first_seen":1431970705942081,"flow_src_last_pkt_time":1431970706098378,"flow_dst_last_pkt_time":1431970706101731,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":19,"flow_src_tot_l4_payload_len":4851,"flow_dst_tot_l4_payload_len":29,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"149.13.32.15","src_port":51317,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00974{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1431970634669345,"flow_src_last_pkt_time":1431970634669345,"flow_dst_last_pkt_time":1431970634723111,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":59,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":59,"flow_dst_max_l4_payload_len":124,"flow_src_tot_l4_payload_len":59,"flow_dst_tot_l4_payload_len":124,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":57694,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS","proto_id":"5","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} @@ -1414,32 +1414,32 @@ 01129{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970661855921,"flow_src_last_pkt_time":1431970661855921,"flow_dst_last_pkt_time":1431970661855921,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":27,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":27,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":27,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.146","src_port":13021,"dst_port":33033,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01129{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":112,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970657867722,"flow_src_last_pkt_time":1431970657867722,"flow_dst_last_pkt_time":1431970657867722,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.146","src_port":13021,"dst_port":33033,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 00978{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970643670427,"flow_src_last_pkt_time":1431970643670427,"flow_dst_last_pkt_time":1431970643670427,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":50,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":50,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":50,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.92","dst_ip":"192.168.1.255","src_port":53826,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NetBIOS","proto_id":"10","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00881{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970649777525,"flow_src_last_pkt_time":1431970674421534,"flow_dst_last_pkt_time":1431970674421420,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":62,"flow_dst_max_l4_payload_len":85,"flow_src_tot_l4_payload_len":118,"flow_dst_tot_l4_payload_len":93,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.45","src_port":51235,"dst_port":40009,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01008{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970649777525,"flow_src_last_pkt_time":1431970674421534,"flow_dst_last_pkt_time":1431970674421420,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":62,"flow_dst_max_l4_payload_len":85,"flow_src_tot_l4_payload_len":118,"flow_dst_tot_l4_payload_len":93,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.45","src_port":51235,"dst_port":40009,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00793{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970649777525,"flow_src_last_pkt_time":1431970674421534,"flow_dst_last_pkt_time":1431970674421420,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":62,"flow_dst_max_l4_payload_len":85,"flow_src_tot_l4_payload_len":118,"flow_dst_tot_l4_payload_len":93,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.45","src_port":51235,"dst_port":40009,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01129{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970651850367,"flow_src_last_pkt_time":1431970651850367,"flow_dst_last_pkt_time":1431970651850367,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":33,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":33,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":33,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.146","src_port":13021,"dst_port":33033,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431970634591842,"flow_src_last_pkt_time":1431970661089012,"flow_dst_last_pkt_time":1431970634591842,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":31,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":31,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":217,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":49864,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431970634589949,"flow_src_last_pkt_time":1431970661089012,"flow_dst_last_pkt_time":1431970634589949,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":31,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":31,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":217,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":64240,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00884{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431970649777390,"flow_src_last_pkt_time":1431970680242323,"flow_dst_last_pkt_time":1431970680320737,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":109,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":181,"flow_dst_tot_l4_payload_len":71,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.147","src_port":51234,"dst_port":40001,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01011{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431970649777390,"flow_src_last_pkt_time":1431970680242323,"flow_dst_last_pkt_time":1431970680320737,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":109,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":181,"flow_dst_tot_l4_payload_len":71,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.147","src_port":51234,"dst_port":40001,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00796{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431970649777390,"flow_src_last_pkt_time":1431970680242323,"flow_dst_last_pkt_time":1431970680320737,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":109,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":181,"flow_dst_tot_l4_payload_len":71,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.147","src_port":51234,"dst_port":40001,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01114{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":156,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431970668278886,"flow_src_last_pkt_time":1431970694738041,"flow_dst_last_pkt_time":1431970668278886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":252,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":64258,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00883{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970650785836,"flow_src_last_pkt_time":1431970683006487,"flow_dst_last_pkt_time":1431970683130796,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":52,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":116,"flow_dst_tot_l4_payload_len":78,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.176","src_port":51237,"dst_port":40022,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01010{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970650785836,"flow_src_last_pkt_time":1431970683006487,"flow_dst_last_pkt_time":1431970683130796,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":52,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":116,"flow_dst_tot_l4_payload_len":78,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.176","src_port":51237,"dst_port":40022,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00795{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970650785836,"flow_src_last_pkt_time":1431970683006487,"flow_dst_last_pkt_time":1431970683130796,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":52,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":116,"flow_dst_tot_l4_payload_len":78,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.176","src_port":51237,"dst_port":40022,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00884{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970666902808,"flow_src_last_pkt_time":1431970699526188,"flow_dst_last_pkt_time":1431970699651787,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":70,"flow_dst_max_l4_payload_len":52,"flow_src_tot_l4_payload_len":134,"flow_dst_tot_l4_payload_len":52,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.142","src_port":51255,"dst_port":40005,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01011{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970666902808,"flow_src_last_pkt_time":1431970699526188,"flow_dst_last_pkt_time":1431970699651787,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":70,"flow_dst_max_l4_payload_len":52,"flow_src_tot_l4_payload_len":134,"flow_dst_tot_l4_payload_len":52,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.142","src_port":51255,"dst_port":40005,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00796{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970666902808,"flow_src_last_pkt_time":1431970699526188,"flow_dst_last_pkt_time":1431970699651787,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":70,"flow_dst_max_l4_payload_len":52,"flow_src_tot_l4_payload_len":134,"flow_dst_tot_l4_payload_len":52,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.142","src_port":51255,"dst_port":40005,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00886{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431970666903020,"flow_src_last_pkt_time":1431970694379020,"flow_dst_last_pkt_time":1431970694442280,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":51,"flow_dst_max_l4_payload_len":101,"flow_src_tot_l4_payload_len":123,"flow_dst_tot_l4_payload_len":101,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.170","src_port":51257,"dst_port":40032,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01013{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431970666903020,"flow_src_last_pkt_time":1431970694379020,"flow_dst_last_pkt_time":1431970694442280,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":51,"flow_dst_max_l4_payload_len":101,"flow_src_tot_l4_payload_len":123,"flow_dst_tot_l4_payload_len":101,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.170","src_port":51257,"dst_port":40032,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00798{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":4,"flow_first_seen":1431970666903020,"flow_src_last_pkt_time":1431970694379020,"flow_dst_last_pkt_time":1431970694442280,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":51,"flow_dst_max_l4_payload_len":101,"flow_src_tot_l4_payload_len":123,"flow_dst_tot_l4_payload_len":101,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.170","src_port":51257,"dst_port":40032,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00884{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970682971296,"flow_src_last_pkt_time":1431970700372374,"flow_dst_last_pkt_time":1431970700372262,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":67,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":123,"flow_dst_tot_l4_payload_len":76,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.146","src_port":51276,"dst_port":40021,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01011{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970682971296,"flow_src_last_pkt_time":1431970700372374,"flow_dst_last_pkt_time":1431970700372262,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":67,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":123,"flow_dst_tot_l4_payload_len":76,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.146","src_port":51276,"dst_port":40021,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00796{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970682971296,"flow_src_last_pkt_time":1431970700372374,"flow_dst_last_pkt_time":1431970700372262,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":67,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":123,"flow_dst_tot_l4_payload_len":76,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.146","src_port":51276,"dst_port":40021,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01127{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970688320038,"flow_src_last_pkt_time":1431970688320038,"flow_dst_last_pkt_time":1431970688320038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":18,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":18,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":18,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.141","src_port":13021,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00884{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970675992044,"flow_src_last_pkt_time":1431970693146867,"flow_dst_last_pkt_time":1431970693146753,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":92,"flow_dst_max_l4_payload_len":81,"flow_src_tot_l4_payload_len":148,"flow_dst_tot_l4_payload_len":89,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.152","src_port":51272,"dst_port":40029,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01011{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970675992044,"flow_src_last_pkt_time":1431970693146867,"flow_dst_last_pkt_time":1431970693146753,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":92,"flow_dst_max_l4_payload_len":81,"flow_src_tot_l4_payload_len":148,"flow_dst_tot_l4_payload_len":89,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.152","src_port":51272,"dst_port":40029,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00796{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970675992044,"flow_src_last_pkt_time":1431970693146867,"flow_dst_last_pkt_time":1431970693146753,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":92,"flow_dst_max_l4_payload_len":81,"flow_src_tot_l4_payload_len":148,"flow_dst_tot_l4_payload_len":89,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.152","src_port":51272,"dst_port":40029,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00886{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970682971500,"flow_src_last_pkt_time":1431970695489026,"flow_dst_last_pkt_time":1431970695488911,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":97,"flow_dst_max_l4_payload_len":105,"flow_src_tot_l4_payload_len":153,"flow_dst_tot_l4_payload_len":143,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.156","src_port":51277,"dst_port":40026,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01013{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970682971500,"flow_src_last_pkt_time":1431970695489026,"flow_dst_last_pkt_time":1431970695488911,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":97,"flow_dst_max_l4_payload_len":105,"flow_src_tot_l4_payload_len":153,"flow_dst_tot_l4_payload_len":143,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.156","src_port":51277,"dst_port":40026,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00798{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":4,"flow_first_seen":1431970682971500,"flow_src_last_pkt_time":1431970695489026,"flow_dst_last_pkt_time":1431970695488911,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":97,"flow_dst_max_l4_payload_len":105,"flow_src_tot_l4_payload_len":153,"flow_dst_tot_l4_payload_len":143,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.156","src_port":51277,"dst_port":40026,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00789{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":225,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":1431970685835490,"flow_src_last_pkt_time":1431970687666142,"flow_dst_last_pkt_time":1431970685835490,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":12,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":12,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":59052,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00885{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":5,"flow_first_seen":1431970666903155,"flow_src_last_pkt_time":1431970694621616,"flow_dst_last_pkt_time":1431970694687481,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":60,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.176","src_port":51258,"dst_port":40021,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01012{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":5,"flow_first_seen":1431970666903155,"flow_src_last_pkt_time":1431970694621616,"flow_dst_last_pkt_time":1431970694687481,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":60,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.176","src_port":51258,"dst_port":40021,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00797{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":5,"flow_first_seen":1431970666903155,"flow_src_last_pkt_time":1431970694621616,"flow_dst_last_pkt_time":1431970694687481,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":60,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.176","src_port":51258,"dst_port":40021,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01114{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":199,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431970679839976,"flow_src_last_pkt_time":1431970706168895,"flow_dst_last_pkt_time":1431970679839976,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":46,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":46,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":322,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":64364,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00885{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":5,"flow_first_seen":1431970673966269,"flow_src_last_pkt_time":1431970700245443,"flow_dst_last_pkt_time":1431970700297158,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":53,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":53,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.175","src_port":51269,"dst_port":40029,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01012{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":5,"flow_first_seen":1431970673966269,"flow_src_last_pkt_time":1431970700245443,"flow_dst_last_pkt_time":1431970700297158,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":53,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":53,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.175","src_port":51269,"dst_port":40029,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00797{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":5,"flow_first_seen":1431970673966269,"flow_src_last_pkt_time":1431970700245443,"flow_dst_last_pkt_time":1431970700297158,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":53,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":53,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"213.199.179.175","src_port":51269,"dst_port":40029,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431970636300980,"flow_src_last_pkt_time":1431970662705015,"flow_dst_last_pkt_time":1431970636300980,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":50055,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01127{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":182,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970674981289,"flow_src_last_pkt_time":1431970674981289,"flow_dst_last_pkt_time":1431970674981289,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":35,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.18","src_port":13021,"dst_port":33033,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} @@ -1470,9 +1470,9 @@ 01128{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970660848421,"flow_src_last_pkt_time":1431970660848421,"flow_dst_last_pkt_time":1431970660848421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":30,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":30,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.24","src_port":13021,"dst_port":40032,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01128{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970658879243,"flow_src_last_pkt_time":1431970658879243,"flow_dst_last_pkt_time":1431970658879243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":35,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"111.221.74.20","src_port":13021,"dst_port":40033,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01114{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431970679839799,"flow_src_last_pkt_time":1431970706169029,"flow_dst_last_pkt_time":1431970679839799,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":46,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":46,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":322,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"192.168.1.1","src_port":60413,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DNS.Skype_Teams","proto_id":"5.125","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00881{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431970634728684,"flow_src_last_pkt_time":1431970664140615,"flow_dst_last_pkt_time":1431970664345166,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":75,"flow_src_tot_l4_payload_len":147,"flow_dst_tot_l4_payload_len":75,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.28","src_port":51229,"dst_port":40009,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01008{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431970634728684,"flow_src_last_pkt_time":1431970664140615,"flow_dst_last_pkt_time":1431970664345166,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":75,"flow_src_tot_l4_payload_len":147,"flow_dst_tot_l4_payload_len":75,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.28","src_port":51229,"dst_port":40009,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00793{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1431970634728684,"flow_src_last_pkt_time":1431970664140615,"flow_dst_last_pkt_time":1431970664345166,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":75,"flow_src_tot_l4_payload_len":147,"flow_dst_tot_l4_payload_len":75,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.28","src_port":51229,"dst_port":40009,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00881{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431970655836661,"flow_src_last_pkt_time":1431970685642923,"flow_dst_last_pkt_time":1431970685642808,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":90,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":130,"flow_dst_tot_l4_payload_len":71,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.44","src_port":51246,"dst_port":40020,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01008{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431970655836661,"flow_src_last_pkt_time":1431970685642923,"flow_dst_last_pkt_time":1431970685642808,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":90,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":130,"flow_dst_tot_l4_payload_len":71,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.44","src_port":51246,"dst_port":40020,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00793{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":5,"flow_first_seen":1431970655836661,"flow_src_last_pkt_time":1431970685642923,"flow_dst_last_pkt_time":1431970685642808,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":90,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":130,"flow_dst_tot_l4_payload_len":71,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.52.44","src_port":51246,"dst_port":40020,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01001{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431970694308651,"flow_src_last_pkt_time":1431970701362456,"flow_dst_last_pkt_time":1431970694308651,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.121.84.93","src_port":51303,"dst_port":62381,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00789{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1431970694308651,"flow_src_last_pkt_time":1431970701362456,"flow_dst_last_pkt_time":1431970694308651,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"80.121.84.93","src_port":51303,"dst_port":62381,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} @@ -1500,10 +1500,10 @@ 01126{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":99,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970655836975,"flow_src_last_pkt_time":1431970655836975,"flow_dst_last_pkt_time":1431970655836975,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":37,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":37,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":37,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.27","src_port":13021,"dst_port":40029,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01127{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970681005017,"flow_src_last_pkt_time":1431970681005017,"flow_dst_last_pkt_time":1431970681005017,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":35,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.15","src_port":13021,"dst_port":40030,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01127{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":197,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970678985207,"flow_src_last_pkt_time":1431970678985207,"flow_dst_last_pkt_time":1431970678985207,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.16","src_port":13021,"dst_port":40032,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00882{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431970701461042,"flow_src_last_pkt_time":1431970708429074,"flow_dst_last_pkt_time":1431970701610889,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":69,"flow_dst_max_l4_payload_len":81,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":81,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":51313,"dst_port":13392,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01009{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431970701461042,"flow_src_last_pkt_time":1431970708429074,"flow_dst_last_pkt_time":1431970701610889,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":69,"flow_dst_max_l4_payload_len":81,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":81,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":51313,"dst_port":13392,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00794{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1431970701461042,"flow_src_last_pkt_time":1431970708429074,"flow_dst_last_pkt_time":1431970701610889,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":69,"flow_dst_max_l4_payload_len":81,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":81,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":51313,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00798{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":7,"flow_first_seen":1431970703073232,"flow_src_last_pkt_time":1431970706415616,"flow_dst_last_pkt_time":1431970703325381,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":19,"flow_src_tot_l4_payload_len":10729,"flow_dst_tot_l4_payload_len":29,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":51315,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00880{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":3,"flow_first_seen":1431970707102885,"flow_src_last_pkt_time":1431970708204706,"flow_dst_last_pkt_time":1431970707251983,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":97,"flow_dst_tot_l4_payload_len":80,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":51318,"dst_port":13392,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01007{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":3,"flow_first_seen":1431970707102885,"flow_src_last_pkt_time":1431970708204706,"flow_dst_last_pkt_time":1431970707251983,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":97,"flow_dst_tot_l4_payload_len":80,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":51318,"dst_port":13392,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00793{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":3,"flow_first_seen":1431970707102885,"flow_src_last_pkt_time":1431970708204706,"flow_dst_last_pkt_time":1431970707251983,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":97,"flow_dst_tot_l4_payload_len":80,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":51318,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01001{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970708715662,"flow_src_last_pkt_time":1431970708715662,"flow_dst_last_pkt_time":1431970708715662,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":51319,"dst_port":13392,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00789{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970708715662,"flow_src_last_pkt_time":1431970708715662,"flow_dst_last_pkt_time":1431970708715662,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"212.161.8.36","src_port":51319,"dst_port":13392,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} @@ -1529,7 +1529,7 @@ 01127{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970644777198,"flow_src_last_pkt_time":1431970644777198,"flow_dst_last_pkt_time":1431970644777198,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.170","src_port":13021,"dst_port":40015,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01129{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":193,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970677974230,"flow_src_last_pkt_time":1431970677974230,"flow_dst_last_pkt_time":1431970677974230,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":22,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":22,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":22,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.159","src_port":13021,"dst_port":40016,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01129{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970659834986,"flow_src_last_pkt_time":1431970659834986,"flow_dst_last_pkt_time":1431970659834986,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.144","src_port":13021,"dst_port":40016,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00883{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431970687670003,"flow_src_last_pkt_time":1431970700698092,"flow_dst_last_pkt_time":1431970700697981,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":135,"flow_dst_tot_l4_payload_len":125,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":51288,"dst_port":20274,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01010{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431970687670003,"flow_src_last_pkt_time":1431970700698092,"flow_dst_last_pkt_time":1431970700697981,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":135,"flow_dst_tot_l4_payload_len":125,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":51288,"dst_port":20274,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00795{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":4,"flow_first_seen":1431970687670003,"flow_src_last_pkt_time":1431970700698092,"flow_dst_last_pkt_time":1431970700697981,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":71,"flow_src_tot_l4_payload_len":135,"flow_dst_tot_l4_payload_len":125,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"76.167.161.6","src_port":51288,"dst_port":20274,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01129{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":192,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970677974229,"flow_src_last_pkt_time":1431970677974229,"flow_dst_last_pkt_time":1431970677974229,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.170","src_port":13021,"dst_port":40018,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01128{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":181,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970673970905,"flow_src_last_pkt_time":1431970673970905,"flow_dst_last_pkt_time":1431970673970905,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.56.143","src_port":13021,"dst_port":40018,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} @@ -1557,13 +1557,13 @@ 01129{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970665893094,"flow_src_last_pkt_time":1431970665893094,"flow_dst_last_pkt_time":1431970665893094,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":33,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":33,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":33,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.148","src_port":13021,"dst_port":40033,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01129{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970659835052,"flow_src_last_pkt_time":1431970659835052,"flow_dst_last_pkt_time":1431970659835052,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":31,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":31,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":31,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.130.146","src_port":13021,"dst_port":40033,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} 01128{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":89,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1431970653869278,"flow_src_last_pkt_time":1431970653869278,"flow_dst_last_pkt_time":1431970653869278,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.55.235.162","src_port":13021,"dst_port":40033,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Skype_Teams.Skype_TeamsCall","proto_id":"125.38","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}} -00880{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431970685852960,"flow_src_last_pkt_time":1431970685921880,"flow_dst_last_pkt_time":1431970686318900,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":51,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":51,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":51284,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01007{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431970685852960,"flow_src_last_pkt_time":1431970685921880,"flow_dst_last_pkt_time":1431970686318900,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":51,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":51,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":51284,"dst_port":12350,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00792{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431970685852960,"flow_src_last_pkt_time":1431970685921880,"flow_dst_last_pkt_time":1431970686318900,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":51,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":51,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":51284,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00878{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431970686319207,"flow_src_last_pkt_time":1431970686381738,"flow_dst_last_pkt_time":1431970686843632,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":5,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":5,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":51285,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00790{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431970686319207,"flow_src_last_pkt_time":1431970686381738,"flow_dst_last_pkt_time":1431970686843632,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":5,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":5,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.218.125","src_port":51285,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00882{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431970690890491,"flow_src_last_pkt_time":1431970690944643,"flow_dst_last_pkt_time":1431970691584256,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":107,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":107,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":51296,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01009{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431970690890491,"flow_src_last_pkt_time":1431970690944643,"flow_dst_last_pkt_time":1431970691584256,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":107,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":107,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":51296,"dst_port":12350,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00794{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1431970690890491,"flow_src_last_pkt_time":1431970690944643,"flow_dst_last_pkt_time":1431970691584256,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":107,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":107,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":51296,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00885{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431970690890943,"flow_src_last_pkt_time":1431970705762603,"flow_dst_last_pkt_time":1431970691001424,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":335,"flow_dst_max_l4_payload_len":84,"flow_src_tot_l4_payload_len":2438,"flow_dst_tot_l4_payload_len":84,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.24","src_port":51297,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01012{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431970690890943,"flow_src_last_pkt_time":1431970705762603,"flow_dst_last_pkt_time":1431970691001424,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":335,"flow_dst_max_l4_payload_len":84,"flow_src_tot_l4_payload_len":2438,"flow_dst_tot_l4_payload_len":84,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.24","src_port":51297,"dst_port":12350,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00798{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1431970690890943,"flow_src_last_pkt_time":1431970705762603,"flow_dst_last_pkt_time":1431970691001424,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":335,"flow_dst_max_l4_payload_len":84,"flow_src_tot_l4_payload_len":2438,"flow_dst_tot_l4_payload_len":84,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.24","src_port":51297,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00878{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":1431970691584569,"flow_src_last_pkt_time":1431970703178547,"flow_dst_last_pkt_time":1431970703178433,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":5,"flow_dst_max_l4_payload_len":5,"flow_src_tot_l4_payload_len":5,"flow_dst_tot_l4_payload_len":5,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":51299,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00790{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"cfgs\/default\/pcap\/skype_no_unknown.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":1431970691584569,"flow_src_last_pkt_time":1431970703178547,"flow_dst_last_pkt_time":1431970703178433,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":5,"flow_dst_max_l4_payload_len":5,"flow_src_tot_l4_payload_len":5,"flow_dst_tot_l4_payload_len":5,"midstream":0,"thread_ts_usec":1431970708726988,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":51299,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} @@ -1590,9 +1590,9 @@ ~~ total active/idle flows...: 267/267 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8390001 bytes -~~ total memory freed........: 8390001 bytes -~~ total allocations/frees...: 147787/147787 +~~ total memory allocated....: 8569378 bytes +~~ total memory freed........: 8569378 bytes +~~ total allocations/frees...: 151468/151468 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 308 chars ~~ json string max len.......: 2492 chars diff --git a/test/results/default/skype_udp.pcap.out b/test/results/default/skype_udp.pcap.out index 66c5552db..75a127855 100644 --- a/test/results/default/skype_udp.pcap.out +++ b/test/results/default/skype_udp.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593905 bytes -~~ total memory freed........: 7593905 bytes -~~ total allocations/frees...: 142695/142695 +~~ total memory allocated....: 7766898 bytes +~~ total memory freed........: 7766898 bytes +~~ total allocations/frees...: 146376/146376 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 1124 chars diff --git a/test/results/default/smb_deletefile.pcap.out b/test/results/default/smb_deletefile.pcap.out index 14c021708..6b9a98933 100644 --- a/test/results/default/smb_deletefile.pcap.out +++ b/test/results/default/smb_deletefile.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596689 bytes -~~ total memory freed........: 7596689 bytes -~~ total allocations/frees...: 142791/142791 +~~ total memory allocated....: 7769682 bytes +~~ total memory freed........: 7769682 bytes +~~ total allocations/frees...: 146472/146472 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 520 chars ~~ json string max len.......: 2315 chars diff --git a/test/results/default/smb_frags.pcap.out b/test/results/default/smb_frags.pcap.out index dc31ac37a..466a434a4 100644 --- a/test/results/default/smb_frags.pcap.out +++ b/test/results/default/smb_frags.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596073 bytes -~~ total memory freed........: 7596073 bytes -~~ total allocations/frees...: 142701/142701 +~~ total memory allocated....: 7769066 bytes +~~ total memory freed........: 7769066 bytes +~~ total allocations/frees...: 146382/146382 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2408 chars diff --git a/test/results/default/smbv1.pcap.out b/test/results/default/smbv1.pcap.out index 52ab1cadb..7ff6e23ec 100644 --- a/test/results/default/smbv1.pcap.out +++ b/test/results/default/smbv1.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596044 bytes -~~ total memory freed........: 7596044 bytes -~~ total allocations/frees...: 142700/142700 +~~ total memory allocated....: 7769037 bytes +~~ total memory freed........: 7769037 bytes +~~ total allocations/frees...: 146381/146381 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 1326 chars diff --git a/test/results/default/smpp_in_general.pcap.out b/test/results/default/smpp_in_general.pcap.out index 2850480e6..d2c482827 100644 --- a/test/results/default/smpp_in_general.pcap.out +++ b/test/results/default/smpp_in_general.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596301 bytes -~~ total memory freed........: 7596301 bytes -~~ total allocations/frees...: 142708/142708 +~~ total memory allocated....: 7769294 bytes +~~ total memory freed........: 7769294 bytes +~~ total allocations/frees...: 146389/146389 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 521 chars ~~ json string max len.......: 983 chars diff --git a/test/results/default/smtp-starttls.pcap.out b/test/results/default/smtp-starttls.pcap.out index 3598ad6d9..a2ecb2156 100644 --- a/test/results/default/smtp-starttls.pcap.out +++ b/test/results/default/smtp-starttls.pcap.out @@ -34,9 +34,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7620247 bytes -~~ total memory freed........: 7620247 bytes -~~ total allocations/frees...: 142805/142805 +~~ total memory allocated....: 7793264 bytes +~~ total memory freed........: 7793264 bytes +~~ total allocations/frees...: 146486/146486 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 2540 chars diff --git a/test/results/default/smtp.pcap.out b/test/results/default/smtp.pcap.out index b8beca057..3f9d77c2b 100644 --- a/test/results/default/smtp.pcap.out +++ b/test/results/default/smtp.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7598563 bytes -~~ total memory freed........: 7598563 bytes -~~ total allocations/frees...: 142786/142786 +~~ total memory allocated....: 7771556 bytes +~~ total memory freed........: 7771556 bytes +~~ total allocations/frees...: 146467/146467 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2136 chars diff --git a/test/results/default/smtps.pcapng.out b/test/results/default/smtps.pcapng.out index d534fed01..ca18dd114 100644 --- a/test/results/default/smtps.pcapng.out +++ b/test/results/default/smtps.pcapng.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7597980 bytes -~~ total memory freed........: 7597980 bytes -~~ total allocations/frees...: 142697/142697 +~~ total memory allocated....: 7770973 bytes +~~ total memory freed........: 7770973 bytes +~~ total allocations/frees...: 146378/146378 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 1227 chars diff --git a/test/results/default/snapchat.pcap.out b/test/results/default/snapchat.pcap.out index 0f44689e2..cdb2f2a65 100644 --- a/test/results/default/snapchat.pcap.out +++ b/test/results/default/snapchat.pcap.out @@ -36,9 +36,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7611964 bytes -~~ total memory freed........: 7611964 bytes -~~ total allocations/frees...: 142779/142779 +~~ total memory allocated....: 7785005 bytes +~~ total memory freed........: 7785005 bytes +~~ total allocations/frees...: 146460/146460 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 1370 chars diff --git a/test/results/default/snapchat_call.pcapng.out b/test/results/default/snapchat_call.pcapng.out index f982472d2..7b37ada13 100644 --- a/test/results/default/snapchat_call.pcapng.out +++ b/test/results/default/snapchat_call.pcapng.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7595210 bytes -~~ total memory freed........: 7595210 bytes -~~ total allocations/frees...: 142740/142740 +~~ total memory allocated....: 7768203 bytes +~~ total memory freed........: 7768203 bytes +~~ total allocations/frees...: 146421/146421 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 521 chars ~~ json string max len.......: 2362 chars diff --git a/test/results/default/snapchat_call_v1.pcapng.out b/test/results/default/snapchat_call_v1.pcapng.out index a5d7acdc2..c3b8a6173 100644 --- a/test/results/default/snapchat_call_v1.pcapng.out +++ b/test/results/default/snapchat_call_v1.pcapng.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7617621 bytes -~~ total memory freed........: 7617621 bytes -~~ total allocations/frees...: 143188/143188 +~~ total memory allocated....: 7790614 bytes +~~ total memory freed........: 7790614 bytes +~~ total allocations/frees...: 146869/146869 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 524 chars ~~ json string max len.......: 2225 chars diff --git a/test/results/default/snmp.pcap.out b/test/results/default/snmp.pcap.out index a6cc14b76..6fbdf3bfd 100644 --- a/test/results/default/snmp.pcap.out +++ b/test/results/default/snmp.pcap.out @@ -143,9 +143,9 @@ ~~ total active/idle flows...: 17/17 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7629747 bytes -~~ total memory freed........: 7629747 bytes -~~ total allocations/frees...: 142936/142936 +~~ total memory allocated....: 7803124 bytes +~~ total memory freed........: 7803124 bytes +~~ total allocations/frees...: 146617/146617 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 1987 chars diff --git a/test/results/default/soap.pcap.out b/test/results/default/soap.pcap.out index c473d1e99..e592b051e 100644 --- a/test/results/default/soap.pcap.out +++ b/test/results/default/soap.pcap.out @@ -30,9 +30,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7602826 bytes -~~ total memory freed........: 7602826 bytes -~~ total allocations/frees...: 142740/142740 +~~ total memory allocated....: 7775867 bytes +~~ total memory freed........: 7775867 bytes +~~ total allocations/frees...: 146421/146421 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2469 chars diff --git a/test/results/default/socks.pcap.out b/test/results/default/socks.pcap.out index 430c430a1..ddd3d54ab 100644 --- a/test/results/default/socks.pcap.out +++ b/test/results/default/socks.pcap.out @@ -42,9 +42,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7610064 bytes -~~ total memory freed........: 7610064 bytes -~~ total allocations/frees...: 142787/142787 +~~ total memory allocated....: 7783129 bytes +~~ total memory freed........: 7783129 bytes +~~ total allocations/frees...: 146468/146468 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 1093 chars diff --git a/test/results/default/softether.pcap.out b/test/results/default/softether.pcap.out index 33502bcb0..e878dbccb 100644 --- a/test/results/default/softether.pcap.out +++ b/test/results/default/softether.pcap.out @@ -113,9 +113,9 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7609761 bytes -~~ total memory freed........: 7609761 bytes -~~ total allocations/frees...: 142928/142928 +~~ total memory allocated....: 7782874 bytes +~~ total memory freed........: 7782874 bytes +~~ total allocations/frees...: 146609/146609 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2285 chars diff --git a/test/results/default/someip-tp.pcap.out b/test/results/default/someip-tp.pcap.out index 804ed8167..770cef09e 100644 --- a/test/results/default/someip-tp.pcap.out +++ b/test/results/default/someip-tp.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594021 bytes -~~ total memory freed........: 7594021 bytes -~~ total allocations/frees...: 142699/142699 +~~ total memory allocated....: 7767014 bytes +~~ total memory freed........: 7767014 bytes +~~ total allocations/frees...: 146380/146380 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2436 chars diff --git a/test/results/default/someip-udp-method-call.pcapng.out b/test/results/default/someip-udp-method-call.pcapng.out index dcf60df42..dde5d90df 100644 --- a/test/results/default/someip-udp-method-call.pcapng.out +++ b/test/results/default/someip-udp-method-call.pcapng.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7595943 bytes -~~ total memory freed........: 7595943 bytes -~~ total allocations/frees...: 142703/142703 +~~ total memory allocated....: 7768960 bytes +~~ total memory freed........: 7768960 bytes +~~ total allocations/frees...: 146384/146384 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 530 chars ~~ json string max len.......: 1229 chars diff --git a/test/results/default/someip_sd_sample.pcap.out b/test/results/default/someip_sd_sample.pcap.out index ecd0549d4..fe86be0c8 100644 --- a/test/results/default/someip_sd_sample.pcap.out +++ b/test/results/default/someip_sd_sample.pcap.out @@ -21,9 +21,9 @@ ~~ total active/idle flows...: 0/0 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7591636 bytes -~~ total memory freed........: 7591636 bytes -~~ total allocations/frees...: 142679/142679 +~~ total memory allocated....: 7764605 bytes +~~ total memory freed........: 7764605 bytes +~~ total allocations/frees...: 146360/146360 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 318 chars ~~ json string max len.......: 588 chars diff --git a/test/results/default/source_engine.pcap.out b/test/results/default/source_engine.pcap.out index ba45b919d..495f77871 100644 --- a/test/results/default/source_engine.pcap.out +++ b/test/results/default/source_engine.pcap.out @@ -91,9 +91,9 @@ ~~ total active/idle flows...: 17/17 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7628237 bytes -~~ total memory freed........: 7628237 bytes -~~ total allocations/frees...: 142883/142883 +~~ total memory allocated....: 7801614 bytes +~~ total memory freed........: 7801614 bytes +~~ total allocations/frees...: 146564/146564 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 1108 chars diff --git a/test/results/default/sql_injection.pcap.out b/test/results/default/sql_injection.pcap.out index c083665e1..c572c2bbd 100644 --- a/test/results/default/sql_injection.pcap.out +++ b/test/results/default/sql_injection.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594391 bytes -~~ total memory freed........: 7594391 bytes -~~ total allocations/frees...: 142703/142703 +~~ total memory allocated....: 7767384 bytes +~~ total memory freed........: 7767384 bytes +~~ total allocations/frees...: 146384/146384 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 2508 chars diff --git a/test/results/default/srvloc-v1.pcapng.out b/test/results/default/srvloc-v1.pcapng.out new file mode 100644 index 000000000..9cf3bb3c7 --- /dev/null +++ b/test/results/default/srvloc-v1.pcapng.out @@ -0,0 +1,26 @@ +00512{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/srvloc-v1.pcapng","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0} +00575{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/srvloc-v1.pcapng","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_usec":1610477174501058} +00785{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/srvloc-v1.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1610477174501058,"flow_src_last_pkt_time":1610477174501058,"flow_dst_last_pkt_time":1610477174501058,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":362,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":362,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":362,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1610477174501058,"l3_proto":"ip4","src_ip":"23.220.116.175","dst_ip":"192.168.199.71","src_port":427,"dst_port":57782,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00998{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/srvloc-v1.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1610477174501058,"flow_dst_last_pkt_time":1610477174501058,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":404,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":404,"pkt_l4_len":370,"thread_ts_usec":1610477174501058,"pkt":"AAAAAAAAAAYApNApCABFAAGG4R4AAD8RhM0X3HSvwKjHRwGr4bYBclCtAQcBagAAZW4AAx15AAABWih4LWhwLXZlcj0wMSkoeC1ocC1wcm9kX2lkPVN0ZWxsYTROV18wMSkoeC1ocC1tYWM9M0M1MjgyMjZGRDI4KSh4LWhwLWd1aWQ9M0M1MjgyMjZGRDI4KSh4LWhwLW51bV9wb3J0PTAxKSh4LWhwLWlwPTE5Mi4xNjguMTAwLjAyOSkoeC1ocC1obj1ERVYyNkZEMjgpKHgtaHAtcDE9TUZHOkhld2xldHQtUGFja2FyZDtNREw6SFAgQ29sb3IgTGFzZXJKZXQgUHJvIE1GUCBNMTc3Znc7Q01EOkFDTCxDTUQsWkpTLFVSRixQQ0xtLFBKTDtDTFM6UFJJTlRFUjtERVM6SFAgQ29sb3IgTGFzZXJKZXQgUHJvIE1GUCBNMTc3Znc7RldWRVI6MjAxNjA5MjY7TEVETURJUzpVU0IjZmYjMDQjMDE7Q0lEOkhQTEpQQ0xNU1YxOyk="} +01077{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/srvloc-v1.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1610477174501058,"flow_src_last_pkt_time":1610477174501058,"flow_dst_last_pkt_time":1610477174501058,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":362,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":362,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":362,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1610477174501058,"l3_proto":"ip4","src_ip":"23.220.116.175","dst_ip":"192.168.199.71","src_port":427,"dst_port":57782,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/srvloc-v1.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1610477179484120,"flow_src_last_pkt_time":1610477179484120,"flow_dst_last_pkt_time":1610477179484120,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":44,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":44,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":44,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1610477179484120,"l3_proto":"ip4","src_ip":"250.83.105.78","dst_ip":"172.30.246.115","src_port":51708,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00571{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/srvloc-v1.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1610477179484120,"flow_dst_last_pkt_time":1610477179484120,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":86,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":86,"pkt_l4_len":52,"thread_ts_usec":1610477179484120,"pkt":"AAAAAAAAAAgAQ1JYCABFAABIcrMAAH8Rwr36U2lOrB72c8n8AasANMGIAQYALAAAZW4AAx73AAAAGHNlcnZpY2U6eC1ocG5wLWRpc2NvdmVyOgAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/srvloc-v1.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1610477179484120,"flow_src_last_pkt_time":1610477179484120,"flow_dst_last_pkt_time":1610477179484120,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":44,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":44,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":44,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1610477179484120,"l3_proto":"ip4","src_ip":"250.83.105.78","dst_ip":"172.30.246.115","src_port":51708,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01116{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/srvloc-v1.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1610477174501058,"flow_src_last_pkt_time":1610477174501058,"flow_dst_last_pkt_time":1610477174501058,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":362,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":362,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":362,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1610477179484120,"l3_proto":"ip4","src_ip":"23.220.116.175","dst_ip":"192.168.199.71","src_port":427,"dst_port":57782,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/srvloc-v1.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1610477179484120,"flow_src_last_pkt_time":1610477179484120,"flow_dst_last_pkt_time":1610477179484120,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":44,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":44,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":44,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1610477179484120,"l3_proto":"ip4","src_ip":"250.83.105.78","dst_ip":"172.30.246.115","src_port":51708,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00580{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/srvloc-v1.pcapng","alias":"nDPId-test","packets-captured":2,"packets-processed":2,"total-skipped-flows":0,"total-l4-payload-len":406,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":2,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":2,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":11,"global_ts_usec":1610477179484120} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2/2 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 406 bytes +~~ total detected protocols..: 2 +~~ total active/idle flows...: 2/2 +~~ total timeout flows.......: 0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 7768959 bytes +~~ total memory freed........: 7768959 bytes +~~ total allocations/frees...: 146384/146384 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ json string min len.......: 517 chars +~~ json string max len.......: 1121 chars +~~ json string avg len.......: 815 chars diff --git a/test/results/default/srvloc.pcap.out b/test/results/default/srvloc.pcap.out new file mode 100644 index 000000000..5f7783f2e --- /dev/null +++ b/test/results/default/srvloc.pcap.out @@ -0,0 +1,3016 @@ +00507{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0} +00570{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_usec":1685617825174445} +00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685617825174445,"flow_src_last_pkt_time":1685617825174445,"flow_dst_last_pkt_time":1685617825174445,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685617825174445,"l3_proto":"ip4","src_ip":"37.40.101.196","dst_ip":"85.111.52.57","src_port":53106,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1685617825174445,"flow_dst_last_pkt_time":1685617825174445,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685617825174445,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRbbAlKGXEVW80Oc9yAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01066{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685617825174445,"flow_src_last_pkt_time":1685617825174445,"flow_dst_last_pkt_time":1685617825174445,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685617825174445,"l3_proto":"ip4","src_ip":"37.40.101.196","dst_ip":"85.111.52.57","src_port":53106,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00571{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":2,"packets-processed":1,"total-skipped-flows":0,"total-l4-payload-len":29,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":6,"global_ts_usec":1685630200886590} +00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630200886590,"flow_src_last_pkt_time":1685630200886590,"flow_dst_last_pkt_time":1685630200886590,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685630200886590,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.141.37.56","src_port":45163,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00570{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1685630200886590,"flow_dst_last_pkt_time":1685630200886590,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685630200886590,"pkt":"3jHC4dyOPJTVQTiBCABFCABL5ywAACQR3TcbhqncWo0lOLBrAasAN20TAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01067{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630200886590,"flow_src_last_pkt_time":1685630200886590,"flow_dst_last_pkt_time":1685630200886590,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685630200886590,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.141.37.56","src_port":45163,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01105{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685617825174445,"flow_src_last_pkt_time":1685617825174445,"flow_dst_last_pkt_time":1685617825174445,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685630200886590,"l3_proto":"ip4","src_ip":"37.40.101.196","dst_ip":"85.111.52.57","src_port":53106,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630282860970,"flow_src_last_pkt_time":1685630282860970,"flow_dst_last_pkt_time":1685630282860970,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":107,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":107,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":107,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685630282860970,"l3_proto":"ip4","src_ip":"44.99.113.150","dst_ip":"186.112.202.53","src_port":40623,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00653{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1685630282860970,"flow_dst_last_pkt_time":1685630282860970,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":149,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":149,"pkt_l4_len":115,"thread_ts_usec":1685630282860970,"pkt":"xmjqc4OdPJTVQTiBCABFCACH1DEAAOsRrCYsY3GWunDKNZ6vAasAcwAAAgIAAGtAAAAAAIgRAAJlbgAAAAMAEREAHmh0dHBzOi8vZXhhbXBsZS5jb20vaW5kZXguaHRtbAAAEREAGHNjaGVtZTovL2RvbWFpbi50bGQvcGF0aAAAEREAD3NscDovL2hvc3QvcGF0aAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630282860970,"flow_src_last_pkt_time":1685630282860970,"flow_dst_last_pkt_time":1685630282860970,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":107,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":107,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":107,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685630282860970,"l3_proto":"ip4","src_ip":"44.99.113.150","dst_ip":"186.112.202.53","src_port":40623,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630200886590,"flow_src_last_pkt_time":1685630200886590,"flow_dst_last_pkt_time":1685630200886590,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685630282860970,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.141.37.56","src_port":45163,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00573{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":4,"packets-processed":3,"total-skipped-flows":0,"total-l4-payload-len":183,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":3,"total-detection-updates":0,"total-updates":1,"current-active-flows":2,"total-active-flows":3,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":15,"global_ts_usec":1685630932313616} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630932313616,"flow_src_last_pkt_time":1685630932313616,"flow_dst_last_pkt_time":1685630932313616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":111,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":111,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":111,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685630932313616,"l3_proto":"ip4","src_ip":"44.99.113.150","dst_ip":"90.145.180.58","src_port":34697,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00657{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":1685630932313616,"flow_dst_last_pkt_time":1685630932313616,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":153,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":153,"pkt_l4_len":119,"thread_ts_usec":1685630932313616,"pkt":"bs1PogZtPJTVQTiBCABFCACL1DEAAOsRrCEsY3GWWpG0OoeJAasAdwAAAgIAAG9AAAAAAIgRAAJlbgAAAAIAEREAHmh0dHBzOi8vZXhhbXBsZS5jb20vaW5kZXguaHRtbAIAAAANAAAAAAADQUFBAAAAEQAAAAAAB0JCQkJCQkIAIiIAE3NscDovL3Rlc3Qub3JnL3Rlc3QA"} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630932313616,"flow_src_last_pkt_time":1685630932313616,"flow_dst_last_pkt_time":1685630932313616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":111,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":111,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":111,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685630932313616,"l3_proto":"ip4","src_ip":"44.99.113.150","dst_ip":"90.145.180.58","src_port":34697,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630282860970,"flow_src_last_pkt_time":1685630282860970,"flow_dst_last_pkt_time":1685630282860970,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":107,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":107,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":107,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685630932313616,"l3_proto":"ip4","src_ip":"44.99.113.150","dst_ip":"186.112.202.53","src_port":40623,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01106{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630200886590,"flow_src_last_pkt_time":1685630200886590,"flow_dst_last_pkt_time":1685630200886590,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685630932313616,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.141.37.56","src_port":45163,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685631007788963,"flow_src_last_pkt_time":1685631007788963,"flow_dst_last_pkt_time":1685631007788963,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685631007788963,"l3_proto":"ip4","src_ip":"208.100.177.136","dst_ip":"90.141.37.56","src_port":33246,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00641{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_src_last_pkt_time":1685631007788963,"flow_dst_last_pkt_time":1685631007788963,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685631007788963,"pkt":"3jHC4dyOPJTVQTiBCABFAAB+1DEAAPMRpSXQZLGIWo0lOIHeAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01068{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685631007788963,"flow_src_last_pkt_time":1685631007788963,"flow_dst_last_pkt_time":1685631007788963,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685631007788963,"l3_proto":"ip4","src_ip":"208.100.177.136","dst_ip":"90.141.37.56","src_port":33246,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630932313616,"flow_src_last_pkt_time":1685630932313616,"flow_dst_last_pkt_time":1685630932313616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":111,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":111,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":111,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685631007788963,"l3_proto":"ip4","src_ip":"44.99.113.150","dst_ip":"90.145.180.58","src_port":34697,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00573{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":6,"packets-processed":5,"total-skipped-flows":0,"total-l4-payload-len":392,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":5,"total-detection-updates":0,"total-updates":2,"current-active-flows":2,"total-active-flows":5,"total-idle-flows":3,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":25,"global_ts_usec":1685632512691057} +00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685632512691057,"flow_src_last_pkt_time":1685632512691057,"flow_dst_last_pkt_time":1685632512691057,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685632512691057,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"85.111.52.57","src_port":33510,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00642{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_src_last_pkt_time":1685632512691057,"flow_dst_last_pkt_time":1685632512691057,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685632512691057,"pkt":"moT+\/Ph8PJTVQTiBCABFAAB+1DEAAPMRpTItfJOcVW80OYLmAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01067{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685632512691057,"flow_src_last_pkt_time":1685632512691057,"flow_dst_last_pkt_time":1685632512691057,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685632512691057,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"85.111.52.57","src_port":33510,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01107{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685631007788963,"flow_src_last_pkt_time":1685631007788963,"flow_dst_last_pkt_time":1685631007788963,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685632512691057,"l3_proto":"ip4","src_ip":"208.100.177.136","dst_ip":"90.141.37.56","src_port":33246,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630932313616,"flow_src_last_pkt_time":1685630932313616,"flow_dst_last_pkt_time":1685630932313616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":111,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":111,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":111,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685632512691057,"l3_proto":"ip4","src_ip":"44.99.113.150","dst_ip":"90.145.180.58","src_port":34697,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00573{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":7,"packets-processed":6,"total-skipped-flows":0,"total-l4-payload-len":490,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":6,"total-detection-updates":0,"total-updates":2,"current-active-flows":1,"total-active-flows":6,"total-idle-flows":5,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":31,"global_ts_usec":1685634172336790} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685634172336790,"flow_src_last_pkt_time":1685634172336790,"flow_dst_last_pkt_time":1685634172336790,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685634172336790,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"165.114.202.61","src_port":50663,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00641{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":1,"flow_src_last_pkt_time":1685634172336790,"flow_dst_last_pkt_time":1685634172336790,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685634172336790,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpS0tfJOcpXLKPcXnAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685634172336790,"flow_src_last_pkt_time":1685634172336790,"flow_dst_last_pkt_time":1685634172336790,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685634172336790,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"165.114.202.61","src_port":50663,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00641{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":2,"flow_src_last_pkt_time":1685634172336790,"flow_dst_last_pkt_time":1685634172336790,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685634172336790,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpS0tfJOcpXLKPcXnAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685634172336790,"flow_src_last_pkt_time":1685634172336790,"flow_dst_last_pkt_time":1685634172336790,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685634172336790,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"165.114.202.61","src_port":41268,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00641{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":8,"flow_packet_id":1,"flow_src_last_pkt_time":1685634172336790,"flow_dst_last_pkt_time":1685634172336790,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685634172336790,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpS0tfJOcpXLKPaE0AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLP8Vc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685634172336790,"flow_src_last_pkt_time":1685634172336790,"flow_dst_last_pkt_time":1685634172336790,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685634172336790,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"165.114.202.61","src_port":41268,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01107{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685632512691057,"flow_src_last_pkt_time":1685632512691057,"flow_dst_last_pkt_time":1685632512691057,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685634172336790,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"85.111.52.57","src_port":33510,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685634721622135,"flow_src_last_pkt_time":1685634721622135,"flow_dst_last_pkt_time":1685634721622135,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685634721622135,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"90.147.171.51","src_port":43154,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00642{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":9,"flow_packet_id":1,"flow_src_last_pkt_time":1685634721622135,"flow_dst_last_pkt_time":1685634721622135,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685634721622135,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpSzsm2CTWpOrM6iSAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685634721622135,"flow_src_last_pkt_time":1685634721622135,"flow_dst_last_pkt_time":1685634721622135,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685634721622135,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"90.147.171.51","src_port":43154,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685634172336790,"flow_src_last_pkt_time":1685634172336790,"flow_dst_last_pkt_time":1685634172336790,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685634721622135,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"165.114.202.61","src_port":41268,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1685634172336790,"flow_src_last_pkt_time":1685634172336790,"flow_dst_last_pkt_time":1685634172336790,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":196,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685634721622135,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"165.114.202.61","src_port":50663,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00576{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":11,"packets-processed":10,"total-skipped-flows":0,"total-l4-payload-len":882,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":9,"total-detection-updates":0,"total-updates":2,"current-active-flows":1,"total-active-flows":9,"total-idle-flows":8,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":45,"global_ts_usec":1685636053299196} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685636053299196,"flow_src_last_pkt_time":1685636053299196,"flow_dst_last_pkt_time":1685636053299196,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685636053299196,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"74.111.203.55","src_port":57141,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00644{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":10,"flow_packet_id":1,"flow_src_last_pkt_time":1685636053299196,"flow_dst_last_pkt_time":1685636053299196,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685636053299196,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAPMRpTctfJOcSm\/LN981AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685636053299196,"flow_src_last_pkt_time":1685636053299196,"flow_dst_last_pkt_time":1685636053299196,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685636053299196,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"74.111.203.55","src_port":57141,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685634721622135,"flow_src_last_pkt_time":1685634721622135,"flow_dst_last_pkt_time":1685634721622135,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685636053299196,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"90.147.171.51","src_port":43154,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00578{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":12,"packets-processed":11,"total-skipped-flows":0,"total-l4-payload-len":980,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":10,"total-detection-updates":0,"total-updates":2,"current-active-flows":1,"total-active-flows":10,"total-idle-flows":9,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":50,"global_ts_usec":1685637797751103} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685637797751103,"flow_src_last_pkt_time":1685637797751103,"flow_dst_last_pkt_time":1685637797751103,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685637797751103,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"165.144.84.62","src_port":38061,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":11,"flow_packet_id":1,"flow_src_last_pkt_time":1685637797751103,"flow_dst_last_pkt_time":1685637797751103,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685637797751103,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPARDMi4tKjwpZBUPpStAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685637797751103,"flow_src_last_pkt_time":1685637797751103,"flow_dst_last_pkt_time":1685637797751103,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685637797751103,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"165.144.84.62","src_port":38061,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685636053299196,"flow_src_last_pkt_time":1685636053299196,"flow_dst_last_pkt_time":1685636053299196,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685637797751103,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"74.111.203.55","src_port":57141,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00580{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":13,"packets-processed":12,"total-skipped-flows":0,"total-l4-payload-len":1078,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":11,"total-detection-updates":0,"total-updates":2,"current-active-flows":1,"total-active-flows":11,"total-idle-flows":10,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":55,"global_ts_usec":1685638455443887} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685638455443887,"flow_src_last_pkt_time":1685638455443887,"flow_dst_last_pkt_time":1685638455443887,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685638455443887,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"69.109.187.54","src_port":38756,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":12,"flow_packet_id":1,"flow_src_last_pkt_time":1685638455443887,"flow_dst_last_pkt_time":1685638455443887,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685638455443887,"pkt":"bpHurUgdPJTVQTiBCABFAAB+1DEAAPMRpTXsg6KdRW27NpdkAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685638455443887,"flow_src_last_pkt_time":1685638455443887,"flow_dst_last_pkt_time":1685638455443887,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685638455443887,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"69.109.187.54","src_port":38756,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685637797751103,"flow_src_last_pkt_time":1685637797751103,"flow_dst_last_pkt_time":1685637797751103,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685638455443887,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"165.144.84.62","src_port":38061,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00580{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":14,"packets-processed":13,"total-skipped-flows":0,"total-l4-payload-len":1176,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":12,"total-detection-updates":0,"total-updates":2,"current-active-flows":1,"total-active-flows":12,"total-idle-flows":11,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":60,"global_ts_usec":1685644247091385} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685644247091385,"flow_src_last_pkt_time":1685644247091385,"flow_dst_last_pkt_time":1685644247091385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685644247091385,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":39908,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":13,"flow_packet_id":1,"flow_src_last_pkt_time":1685644247091385,"flow_dst_last_pkt_time":1685644247091385,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685644247091385,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPURKLbIH5CeVW80OZvkAasAJU6QAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685644247091385,"flow_src_last_pkt_time":1685644247091385,"flow_dst_last_pkt_time":1685644247091385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685644247091385,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":39908,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":15,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685638455443887,"flow_src_last_pkt_time":1685638455443887,"flow_dst_last_pkt_time":1685638455443887,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685644247091385,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"69.109.187.54","src_port":38756,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":15,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685644675913837,"flow_src_last_pkt_time":1685644675913837,"flow_dst_last_pkt_time":1685644675913837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685644675913837,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":40656,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":14,"flow_packet_id":1,"flow_src_last_pkt_time":1685644675913837,"flow_dst_last_pkt_time":1685644675913837,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685644675913837,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPURKLrIH5CeRW27Np7QAasAJUuoAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":15,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685644675913837,"flow_src_last_pkt_time":1685644675913837,"flow_dst_last_pkt_time":1685644675913837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685644675913837,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":40656,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":16,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685644247091385,"flow_src_last_pkt_time":1685644247091385,"flow_dst_last_pkt_time":1685644247091385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685644675913837,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":39908,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":16,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685644782769825,"flow_src_last_pkt_time":1685644782769825,"flow_dst_last_pkt_time":1685644782769825,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685644782769825,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":37600,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":16,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":15,"flow_packet_id":1,"flow_src_last_pkt_time":1685644782769825,"flow_dst_last_pkt_time":1685644782769825,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685644782769825,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPURKLnIH5CeunDKNZLgAasAJVeXAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":16,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685644782769825,"flow_src_last_pkt_time":1685644782769825,"flow_dst_last_pkt_time":1685644782769825,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685644782769825,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":37600,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685644675913837,"flow_src_last_pkt_time":1685644675913837,"flow_dst_last_pkt_time":1685644675913837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685644782769825,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":40656,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00580{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":17,"packets-processed":16,"total-skipped-flows":0,"total-l4-payload-len":1263,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":15,"total-detection-updates":0,"total-updates":3,"current-active-flows":2,"total-active-flows":15,"total-idle-flows":13,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":73,"global_ts_usec":1685646379667471} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685646379667471,"flow_src_last_pkt_time":1685646379667471,"flow_dst_last_pkt_time":1685646379667471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685646379667471,"l3_proto":"ip4","src_ip":"70.28.101.252","dst_ip":"90.147.171.51","src_port":53651,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":16,"flow_packet_id":1,"flow_src_last_pkt_time":1685646379667471,"flow_dst_last_pkt_time":1685646379667471,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685646379667471,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbNVGHGX8WpOrM9GTAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685646379667471,"flow_src_last_pkt_time":1685646379667471,"flow_dst_last_pkt_time":1685646379667471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685646379667471,"l3_proto":"ip4","src_ip":"70.28.101.252","dst_ip":"90.147.171.51","src_port":53651,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":18,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685644782769825,"flow_src_last_pkt_time":1685644782769825,"flow_dst_last_pkt_time":1685644782769825,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685646379667471,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":37600,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":18,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685644675913837,"flow_src_last_pkt_time":1685644675913837,"flow_dst_last_pkt_time":1685644675913837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685646379667471,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":40656,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00580{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":18,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":18,"packets-processed":17,"total-skipped-flows":0,"total-l4-payload-len":1292,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":16,"total-detection-updates":0,"total-updates":3,"current-active-flows":1,"total-active-flows":16,"total-idle-flows":15,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":79,"global_ts_usec":1685647342398373} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":18,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647342398373,"flow_src_last_pkt_time":1685647342398373,"flow_dst_last_pkt_time":1685647342398373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685647342398373,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":38913,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":18,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":17,"flow_packet_id":1,"flow_src_last_pkt_time":1685647342398373,"flow_dst_last_pkt_time":1685647342398373,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685647342398373,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPURKLvIH5CeSm\/LN5gBAasAJVJ4AgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":18,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647342398373,"flow_src_last_pkt_time":1685647342398373,"flow_dst_last_pkt_time":1685647342398373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685647342398373,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":38913,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":19,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685646379667471,"flow_src_last_pkt_time":1685646379667471,"flow_dst_last_pkt_time":1685646379667471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685647342398373,"l3_proto":"ip4","src_ip":"70.28.101.252","dst_ip":"90.147.171.51","src_port":53651,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":19,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647407833070,"flow_src_last_pkt_time":1685647407833070,"flow_dst_last_pkt_time":1685647407833070,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685647407833070,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":33453,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":19,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":18,"flow_packet_id":1,"flow_src_last_pkt_time":1685647407833070,"flow_dst_last_pkt_time":1685647407833070,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685647407833070,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLzIH5CeWm\/UMoKtAasAJWfNAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":19,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647407833070,"flow_src_last_pkt_time":1685647407833070,"flow_dst_last_pkt_time":1685647407833070,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685647407833070,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":33453,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":20,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647342398373,"flow_src_last_pkt_time":1685647342398373,"flow_dst_last_pkt_time":1685647342398373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685647407833070,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":38913,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00580{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":20,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":20,"packets-processed":19,"total-skipped-flows":0,"total-l4-payload-len":1350,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":18,"total-detection-updates":0,"total-updates":4,"current-active-flows":2,"total-active-flows":18,"total-idle-flows":16,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":88,"global_ts_usec":1685647960810732} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":20,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647960810732,"flow_src_last_pkt_time":1685647960810732,"flow_dst_last_pkt_time":1685647960810732,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685647960810732,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":60963,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":20,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":19,"flow_packet_id":1,"flow_src_last_pkt_time":1685647960810732,"flow_dst_last_pkt_time":1685647960810732,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685647960810732,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPURKLfIH5CeWo0lOO4jAasAJfxRAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":20,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647960810732,"flow_src_last_pkt_time":1685647960810732,"flow_dst_last_pkt_time":1685647960810732,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685647960810732,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":60963,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647342398373,"flow_src_last_pkt_time":1685647342398373,"flow_dst_last_pkt_time":1685647342398373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685647960810732,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":38913,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647407833070,"flow_src_last_pkt_time":1685647407833070,"flow_dst_last_pkt_time":1685647407833070,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685647960810732,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":33453,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685648124700322,"flow_src_last_pkt_time":1685648124700322,"flow_dst_last_pkt_time":1685648124700322,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685648124700322,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":41259,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":20,"flow_packet_id":1,"flow_src_last_pkt_time":1685648124700322,"flow_dst_last_pkt_time":1685648124700322,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685648124700322,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKL3IH5CeWpOrM6ErAasAJUlQAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685648124700322,"flow_src_last_pkt_time":1685648124700322,"flow_dst_last_pkt_time":1685648124700322,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685648124700322,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":41259,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647960810732,"flow_src_last_pkt_time":1685647960810732,"flow_dst_last_pkt_time":1685647960810732,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685648124700322,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":60963,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00580{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":22,"packets-processed":21,"total-skipped-flows":0,"total-l4-payload-len":1408,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":20,"total-detection-updates":0,"total-updates":5,"current-active-flows":2,"total-active-flows":20,"total-idle-flows":18,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":98,"global_ts_usec":1685648698148233} +00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685648698148233,"flow_src_last_pkt_time":1685648698148233,"flow_dst_last_pkt_time":1685648698148233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685648698148233,"l3_proto":"ip4","src_ip":"62.230.4.248","dst_ip":"165.144.84.62","src_port":56007,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":1,"flow_src_last_pkt_time":1685648698148233,"flow_dst_last_pkt_time":1685648698148233,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685648698148233,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbM4+5gT4pZBUPtrHAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01068{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685648698148233,"flow_src_last_pkt_time":1685648698148233,"flow_dst_last_pkt_time":1685648698148233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685648698148233,"l3_proto":"ip4","src_ip":"62.230.4.248","dst_ip":"165.144.84.62","src_port":56007,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647960810732,"flow_src_last_pkt_time":1685647960810732,"flow_dst_last_pkt_time":1685647960810732,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685648698148233,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":60963,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685648124700322,"flow_src_last_pkt_time":1685648124700322,"flow_dst_last_pkt_time":1685648124700322,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685648698148233,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":41259,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":23,"packets-processed":22,"total-skipped-flows":0,"total-l4-payload-len":1437,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":21,"total-detection-updates":0,"total-updates":5,"current-active-flows":1,"total-active-flows":21,"total-idle-flows":20,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":104,"global_ts_usec":1685650322996075} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650322996075,"flow_src_last_pkt_time":1685650322996075,"flow_dst_last_pkt_time":1685650322996075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650322996075,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":52741,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":22,"flow_packet_id":1,"flow_src_last_pkt_time":1685650322996075,"flow_dst_last_pkt_time":1685650322996075,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685650322996075,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLHIH5CepXLKPc4FAasAJRxqAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650322996075,"flow_src_last_pkt_time":1685650322996075,"flow_dst_last_pkt_time":1685650322996075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650322996075,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":52741,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01107{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":24,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685648698148233,"flow_src_last_pkt_time":1685648698148233,"flow_dst_last_pkt_time":1685648698148233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650322996075,"l3_proto":"ip4","src_ip":"62.230.4.248","dst_ip":"165.144.84.62","src_port":56007,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":24,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650536282125,"flow_src_last_pkt_time":1685650536282125,"flow_dst_last_pkt_time":1685650536282125,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650536282125,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":39516,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":24,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":23,"flow_packet_id":1,"flow_src_last_pkt_time":1685650536282125,"flow_dst_last_pkt_time":1685650536282125,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685650536282125,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPURKLTIH5CeWpG0OppcAasAJVAWAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":24,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650536282125,"flow_src_last_pkt_time":1685650536282125,"flow_dst_last_pkt_time":1685650536282125,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650536282125,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":39516,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":25,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650322996075,"flow_src_last_pkt_time":1685650322996075,"flow_dst_last_pkt_time":1685650322996075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650536282125,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":52741,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":25,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650669220572,"flow_src_last_pkt_time":1685650669220572,"flow_dst_last_pkt_time":1685650669220572,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650669220572,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":43074,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":25,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":24,"flow_packet_id":1,"flow_src_last_pkt_time":1685650669220572,"flow_dst_last_pkt_time":1685650669220572,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685650669220572,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLLIH5CepZBUPqhCAasAJUIuAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":25,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650669220572,"flow_src_last_pkt_time":1685650669220572,"flow_dst_last_pkt_time":1685650669220572,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650669220572,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":43074,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650536282125,"flow_src_last_pkt_time":1685650536282125,"flow_dst_last_pkt_time":1685650536282125,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650669220572,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":39516,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":26,"packets-processed":25,"total-skipped-flows":0,"total-l4-payload-len":1524,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":24,"total-detection-updates":0,"total-updates":6,"current-active-flows":2,"total-active-flows":24,"total-idle-flows":22,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":117,"global_ts_usec":1685650926504967} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650926504967,"flow_src_last_pkt_time":1685650926504967,"flow_dst_last_pkt_time":1685650926504967,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650926504967,"l3_proto":"ip4","src_ip":"198.229.224.110","dst_ip":"90.145.180.58","src_port":56395,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":25,"flow_packet_id":1,"flow_src_last_pkt_time":1685650926504967,"flow_dst_last_pkt_time":1685650926504967,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685650926504967,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPoRbJPG5eBuWpG0OtxLAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650926504967,"flow_src_last_pkt_time":1685650926504967,"flow_dst_last_pkt_time":1685650926504967,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650926504967,"l3_proto":"ip4","src_ip":"198.229.224.110","dst_ip":"90.145.180.58","src_port":56395,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":27,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650669220572,"flow_src_last_pkt_time":1685650669220572,"flow_dst_last_pkt_time":1685650669220572,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650926504967,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":43074,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":27,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650536282125,"flow_src_last_pkt_time":1685650536282125,"flow_dst_last_pkt_time":1685650536282125,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650926504967,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":39516,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":27,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":27,"packets-processed":26,"total-skipped-flows":0,"total-l4-payload-len":1553,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":25,"total-detection-updates":0,"total-updates":6,"current-active-flows":1,"total-active-flows":25,"total-idle-flows":24,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":123,"global_ts_usec":1685653377845672} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":27,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685653377845672,"flow_src_last_pkt_time":1685653377845672,"flow_dst_last_pkt_time":1685653377845672,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685653377845672,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.144.84.62","src_port":27095,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00580{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":27,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":26,"flow_packet_id":1,"flow_src_last_pkt_time":1685653377845672,"flow_dst_last_pkt_time":1685653377845672,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1685653377845672,"pkt":"AAwp30Y4PJTVQTiBCABFAABSlBMAAG4Rf4VDnxCWpZBUPmnXAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":27,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685653377845672,"flow_src_last_pkt_time":1685653377845672,"flow_dst_last_pkt_time":1685653377845672,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685653377845672,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.144.84.62","src_port":27095,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":28,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650926504967,"flow_src_last_pkt_time":1685650926504967,"flow_dst_last_pkt_time":1685650926504967,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685653377845672,"l3_proto":"ip4","src_ip":"198.229.224.110","dst_ip":"90.145.180.58","src_port":56395,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":28,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":28,"packets-processed":27,"total-skipped-flows":0,"total-l4-payload-len":1607,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":26,"total-detection-updates":0,"total-updates":6,"current-active-flows":1,"total-active-flows":26,"total-idle-flows":25,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":128,"global_ts_usec":1685656813046229} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":28,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685656813046229,"flow_src_last_pkt_time":1685656813046229,"flow_dst_last_pkt_time":1685656813046229,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685656813046229,"l3_proto":"ip4","src_ip":"217.217.186.39","dst_ip":"186.112.202.53","src_port":52663,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":28,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":27,"flow_packet_id":1,"flow_src_last_pkt_time":1685656813046229,"flow_dst_last_pkt_time":1685656813046229,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685656813046229,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRbWnZ2bonunDKNc23AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":28,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685656813046229,"flow_src_last_pkt_time":1685656813046229,"flow_dst_last_pkt_time":1685656813046229,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685656813046229,"l3_proto":"ip4","src_ip":"217.217.186.39","dst_ip":"186.112.202.53","src_port":52663,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":29,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685653377845672,"flow_src_last_pkt_time":1685653377845672,"flow_dst_last_pkt_time":1685653377845672,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685656813046229,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.144.84.62","src_port":27095,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":29,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685657160451708,"flow_src_last_pkt_time":1685657160451708,"flow_dst_last_pkt_time":1685657160451708,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685657160451708,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"69.109.187.54","src_port":26160,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":29,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":1,"flow_src_last_pkt_time":1685657160451708,"flow_dst_last_pkt_time":1685657160451708,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685657160451708,"pkt":"bpHurUgdPJTVQTiBCABFCABLsZ4AACIRGQ0j\/EVxRW27NmYwAasAN7uVAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":29,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685657160451708,"flow_src_last_pkt_time":1685657160451708,"flow_dst_last_pkt_time":1685657160451708,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685657160451708,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"69.109.187.54","src_port":26160,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685656813046229,"flow_src_last_pkt_time":1685656813046229,"flow_dst_last_pkt_time":1685656813046229,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685657160451708,"l3_proto":"ip4","src_ip":"217.217.186.39","dst_ip":"186.112.202.53","src_port":52663,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":30,"packets-processed":29,"total-skipped-flows":0,"total-l4-payload-len":1683,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":28,"total-detection-updates":0,"total-updates":6,"current-active-flows":1,"total-active-flows":28,"total-idle-flows":27,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":137,"global_ts_usec":1685719505759316} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685719505759316,"flow_src_last_pkt_time":1685719505759316,"flow_dst_last_pkt_time":1685719505759316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685719505759316,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"90.141.37.56","src_port":45441,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":1,"flow_src_last_pkt_time":1685719505759316,"flow_dst_last_pkt_time":1685719505759316,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685719505759316,"pkt":"3jHC4dyOPJTVQTiBCABFAABL9UAAACcR3eciZn14Wo0lOLGBAasAN325AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01075{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685719505759316,"flow_src_last_pkt_time":1685719505759316,"flow_dst_last_pkt_time":1685719505759316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685719505759316,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"90.141.37.56","src_port":45441,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":31,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685657160451708,"flow_src_last_pkt_time":1685657160451708,"flow_dst_last_pkt_time":1685657160451708,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685719505759316,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"69.109.187.54","src_port":26160,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":31,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685719700086818,"flow_src_last_pkt_time":1685719700086818,"flow_dst_last_pkt_time":1685719700086818,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685719700086818,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.147.171.51","src_port":58691,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":31,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":1,"flow_src_last_pkt_time":1685719700086818,"flow_dst_last_pkt_time":1685719700086818,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685719700086818,"pkt":"AAwp30Y4PJTVQTiBCABFCABLINwAACQRo44bhqncWpOrM+VDAasANzhBAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":31,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685719700086818,"flow_src_last_pkt_time":1685719700086818,"flow_dst_last_pkt_time":1685719700086818,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685719700086818,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.147.171.51","src_port":58691,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01114{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685719505759316,"flow_src_last_pkt_time":1685719505759316,"flow_dst_last_pkt_time":1685719505759316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685719700086818,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"90.141.37.56","src_port":45441,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":32,"packets-processed":31,"total-skipped-flows":0,"total-l4-payload-len":1777,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":30,"total-detection-updates":0,"total-updates":6,"current-active-flows":1,"total-active-flows":30,"total-idle-flows":29,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":146,"global_ts_usec":1685722352249009} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685722352249009,"flow_src_last_pkt_time":1685722352249009,"flow_dst_last_pkt_time":1685722352249009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685722352249009,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":33386,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":31,"flow_packet_id":1,"flow_src_last_pkt_time":1685722352249009,"flow_dst_last_pkt_time":1685722352249009,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685722352249009,"pkt":"xmjqc4OdPJTVQTiBCABFCAB+1DEAAOsREgyGtJCVunDKNYJqAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685722352249009,"flow_src_last_pkt_time":1685722352249009,"flow_dst_last_pkt_time":1685722352249009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685722352249009,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":33386,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":33,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685719700086818,"flow_src_last_pkt_time":1685719700086818,"flow_dst_last_pkt_time":1685719700086818,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685722352249009,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.147.171.51","src_port":58691,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":33,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":33,"packets-processed":32,"total-skipped-flows":0,"total-l4-payload-len":1875,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":31,"total-detection-updates":0,"total-updates":6,"current-active-flows":1,"total-active-flows":31,"total-idle-flows":30,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":151,"global_ts_usec":1685724063085340} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":33,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685724063085340,"flow_src_last_pkt_time":1685724063085340,"flow_dst_last_pkt_time":1685724063085340,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685724063085340,"l3_proto":"ip4","src_ip":"36.231.109.217","dst_ip":"90.145.180.58","src_port":50939,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":33,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":32,"flow_packet_id":1,"flow_src_last_pkt_time":1685724063085340,"flow_dst_last_pkt_time":1685724063085340,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685724063085340,"pkt":"bs1PogZtPJTVQTiBCABFCABLVAkAACQRcFsk523ZWpG0Osb7AasAN1aDAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":33,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685724063085340,"flow_src_last_pkt_time":1685724063085340,"flow_dst_last_pkt_time":1685724063085340,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685724063085340,"l3_proto":"ip4","src_ip":"36.231.109.217","dst_ip":"90.145.180.58","src_port":50939,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":34,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685722352249009,"flow_src_last_pkt_time":1685722352249009,"flow_dst_last_pkt_time":1685722352249009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685724063085340,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":33386,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":34,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685724385340729,"flow_src_last_pkt_time":1685724385340729,"flow_dst_last_pkt_time":1685724385340729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685724385340729,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"90.111.212.50","src_port":41334,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":34,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":33,"flow_packet_id":1,"flow_src_last_pkt_time":1685724385340729,"flow_dst_last_pkt_time":1685724385340729,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685724385340729,"pkt":"AAwp30Y4PJTVQTiBCABFCABL+OMAACIR0dTjx1p6Wm\/UMqF2AasAN4BcAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":34,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685724385340729,"flow_src_last_pkt_time":1685724385340729,"flow_dst_last_pkt_time":1685724385340729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685724385340729,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"90.111.212.50","src_port":41334,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":35,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685724063085340,"flow_src_last_pkt_time":1685724063085340,"flow_dst_last_pkt_time":1685724063085340,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685724385340729,"l3_proto":"ip4","src_ip":"36.231.109.217","dst_ip":"90.145.180.58","src_port":50939,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":35,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685724460743313,"flow_src_last_pkt_time":1685724460743313,"flow_dst_last_pkt_time":1685724460743313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685724460743313,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"85.111.52.57","src_port":58970,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00644{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":35,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":34,"flow_packet_id":1,"flow_src_last_pkt_time":1685724460743313,"flow_dst_last_pkt_time":1685724460743313,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685724460743313,"pkt":"moT+\/Ph8PJTVQTiBCABFCAB+1DEAAOsREgK2tHiLVW80OeZaAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":35,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685724460743313,"flow_src_last_pkt_time":1685724460743313,"flow_dst_last_pkt_time":1685724460743313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685724460743313,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"85.111.52.57","src_port":58970,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685724385340729,"flow_src_last_pkt_time":1685724385340729,"flow_dst_last_pkt_time":1685724385340729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685724460743313,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"90.111.212.50","src_port":41334,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":36,"packets-processed":35,"total-skipped-flows":0,"total-l4-payload-len":2067,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":34,"total-detection-updates":0,"total-updates":7,"current-active-flows":2,"total-active-flows":34,"total-idle-flows":32,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":164,"global_ts_usec":1685725477275419} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725477275419,"flow_src_last_pkt_time":1685725477275419,"flow_dst_last_pkt_time":1685725477275419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725477275419,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.111.212.50","src_port":55489,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00644{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":1,"flow_src_last_pkt_time":1685725477275419,"flow_dst_last_pkt_time":1685725477275419,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685725477275419,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRCZXItJByWm\/UMtjBAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725477275419,"flow_src_last_pkt_time":1685725477275419,"flow_dst_last_pkt_time":1685725477275419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725477275419,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.111.212.50","src_port":55489,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":37,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685724385340729,"flow_src_last_pkt_time":1685724385340729,"flow_dst_last_pkt_time":1685724385340729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725477275419,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"90.111.212.50","src_port":41334,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":37,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685724460743313,"flow_src_last_pkt_time":1685724460743313,"flow_dst_last_pkt_time":1685724460743313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725477275419,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"85.111.52.57","src_port":58970,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":37,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725705626703,"flow_src_last_pkt_time":1685725705626703,"flow_dst_last_pkt_time":1685725705626703,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725705626703,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.114.202.61","src_port":60983,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00644{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":37,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":36,"flow_packet_id":1,"flow_src_last_pkt_time":1685725705626703,"flow_dst_last_pkt_time":1685725705626703,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685725705626703,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPARDMZGtG\/xpXLKPe43AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":37,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725705626703,"flow_src_last_pkt_time":1685725705626703,"flow_dst_last_pkt_time":1685725705626703,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725705626703,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.114.202.61","src_port":60983,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":38,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725477275419,"flow_src_last_pkt_time":1685725477275419,"flow_dst_last_pkt_time":1685725477275419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725705626703,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.111.212.50","src_port":55489,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":38,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":37,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725834402274,"flow_src_last_pkt_time":1685725834402274,"flow_dst_last_pkt_time":1685725834402274,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725834402274,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"90.141.37.56","src_port":38679,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":38,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":37,"flow_packet_id":1,"flow_src_last_pkt_time":1685725834402274,"flow_dst_last_pkt_time":1685725834402274,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685725834402274,"pkt":"3jHC4dyOPJTVQTiBCABFAAB+1DEAAPMRpTLsg6KdWo0lOJcXAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":38,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":37,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725834402274,"flow_src_last_pkt_time":1685725834402274,"flow_dst_last_pkt_time":1685725834402274,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725834402274,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"90.141.37.56","src_port":38679,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":39,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725705626703,"flow_src_last_pkt_time":1685725705626703,"flow_dst_last_pkt_time":1685725705626703,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725834402274,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.114.202.61","src_port":60983,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":39,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725970240675,"flow_src_last_pkt_time":1685725970240675,"flow_dst_last_pkt_time":1685725970240675,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725970240675,"l3_proto":"ip4","src_ip":"47.123.189.155","dst_ip":"90.147.171.51","src_port":56038,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":39,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":1,"flow_src_last_pkt_time":1685725970240675,"flow_dst_last_pkt_time":1685725970240675,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685725970240675,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpTQve72bWpOrM9rmAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":39,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725970240675,"flow_src_last_pkt_time":1685725970240675,"flow_dst_last_pkt_time":1685725970240675,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725970240675,"l3_proto":"ip4","src_ip":"47.123.189.155","dst_ip":"90.147.171.51","src_port":56038,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725705626703,"flow_src_last_pkt_time":1685725705626703,"flow_dst_last_pkt_time":1685725705626703,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725970240675,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.114.202.61","src_port":60983,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":37,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725834402274,"flow_src_last_pkt_time":1685725834402274,"flow_dst_last_pkt_time":1685725834402274,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725970240675,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"90.141.37.56","src_port":38679,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":40,"packets-processed":39,"total-skipped-flows":0,"total-l4-payload-len":2459,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":38,"total-detection-updates":0,"total-updates":9,"current-active-flows":2,"total-active-flows":38,"total-idle-flows":36,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":183,"global_ts_usec":1685726470530729} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685726470530729,"flow_src_last_pkt_time":1685726470530729,"flow_dst_last_pkt_time":1685726470530729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685726470530729,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"74.111.203.55","src_port":48096,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":39,"flow_packet_id":1,"flow_src_last_pkt_time":1685726470530729,"flow_dst_last_pkt_time":1685726470530729,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685726470530729,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAPARDNBGtG\/xSm\/LN7vgAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685726470530729,"flow_src_last_pkt_time":1685726470530729,"flow_dst_last_pkt_time":1685726470530729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685726470530729,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"74.111.203.55","src_port":48096,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":37,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725834402274,"flow_src_last_pkt_time":1685725834402274,"flow_dst_last_pkt_time":1685725834402274,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685726470530729,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"90.141.37.56","src_port":38679,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725970240675,"flow_src_last_pkt_time":1685725970240675,"flow_dst_last_pkt_time":1685725970240675,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685726470530729,"l3_proto":"ip4","src_ip":"47.123.189.155","dst_ip":"90.147.171.51","src_port":56038,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685726834568415,"flow_src_last_pkt_time":1685726834568415,"flow_dst_last_pkt_time":1685726834568415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685726834568415,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.145.180.58","src_port":46563,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":40,"flow_packet_id":1,"flow_src_last_pkt_time":1685726834568415,"flow_dst_last_pkt_time":1685726834568415,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685726834568415,"pkt":"bs1PogZtPJTVQTiBCABFCAB+1DEAAOsREgC2tHiLWpG0OrXjAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685726834568415,"flow_src_last_pkt_time":1685726834568415,"flow_dst_last_pkt_time":1685726834568415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685726834568415,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.145.180.58","src_port":46563,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":42,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685726470530729,"flow_src_last_pkt_time":1685726470530729,"flow_dst_last_pkt_time":1685726470530729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685726834568415,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"74.111.203.55","src_port":48096,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":42,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":42,"packets-processed":41,"total-skipped-flows":0,"total-l4-payload-len":2655,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":40,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":40,"total-idle-flows":39,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":193,"global_ts_usec":1685731799713540} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":42,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685731799713540,"flow_src_last_pkt_time":1685731799713540,"flow_dst_last_pkt_time":1685731799713540,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685731799713540,"l3_proto":"ip4","src_ip":"218.19.29.186","dst_ip":"90.111.212.50","src_port":56315,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":42,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":41,"flow_packet_id":1,"flow_src_last_pkt_time":1685731799713540,"flow_dst_last_pkt_time":1685731799713540,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685731799713540,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbPbaEx26Wm\/UMtv7AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":42,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685731799713540,"flow_src_last_pkt_time":1685731799713540,"flow_dst_last_pkt_time":1685731799713540,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685731799713540,"l3_proto":"ip4","src_ip":"218.19.29.186","dst_ip":"90.111.212.50","src_port":56315,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":43,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":40,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685726834568415,"flow_src_last_pkt_time":1685726834568415,"flow_dst_last_pkt_time":1685726834568415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685731799713540,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.145.180.58","src_port":46563,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":43,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":43,"packets-processed":42,"total-skipped-flows":0,"total-l4-payload-len":2684,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":41,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":41,"total-idle-flows":40,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":198,"global_ts_usec":1685734492958804} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":43,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685734492958804,"flow_src_last_pkt_time":1685734492958804,"flow_dst_last_pkt_time":1685734492958804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685734492958804,"l3_proto":"ip4","src_ip":"186.213.158.225","dst_ip":"69.109.187.54","src_port":51349,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":43,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":42,"flow_packet_id":1,"flow_src_last_pkt_time":1685734492958804,"flow_dst_last_pkt_time":1685734492958804,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685734492958804,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPoRbOC61Z7hRW27NsiVAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":43,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685734492958804,"flow_src_last_pkt_time":1685734492958804,"flow_dst_last_pkt_time":1685734492958804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685734492958804,"l3_proto":"ip4","src_ip":"186.213.158.225","dst_ip":"69.109.187.54","src_port":51349,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685731799713540,"flow_src_last_pkt_time":1685731799713540,"flow_dst_last_pkt_time":1685731799713540,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685734492958804,"l3_proto":"ip4","src_ip":"218.19.29.186","dst_ip":"90.111.212.50","src_port":56315,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":44,"packets-processed":43,"total-skipped-flows":0,"total-l4-payload-len":2713,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":42,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":42,"total-idle-flows":41,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":203,"global_ts_usec":1685736988753451} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685736988753451,"flow_src_last_pkt_time":1685736988753451,"flow_dst_last_pkt_time":1685736988753451,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685736988753451,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"90.141.37.56","src_port":7086,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":43,"flow_packet_id":1,"flow_src_last_pkt_time":1685736988753451,"flow_dst_last_pkt_time":1685736988753451,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685736988753451,"pkt":"3jHC4dyOPJTVQTiBCABFCABLe9YAACQRSJTn33nVWo0lOBuuAasANwHXAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685736988753451,"flow_src_last_pkt_time":1685736988753451,"flow_dst_last_pkt_time":1685736988753451,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685736988753451,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"90.141.37.56","src_port":7086,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":45,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":42,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685734492958804,"flow_src_last_pkt_time":1685734492958804,"flow_dst_last_pkt_time":1685734492958804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685736988753451,"l3_proto":"ip4","src_ip":"186.213.158.225","dst_ip":"69.109.187.54","src_port":51349,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":45,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":45,"packets-processed":44,"total-skipped-flows":0,"total-l4-payload-len":2760,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":43,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":43,"total-idle-flows":42,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":208,"global_ts_usec":1685741033951129} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":45,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685741033951129,"flow_src_last_pkt_time":1685741033951129,"flow_dst_last_pkt_time":1685741033951129,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685741033951129,"l3_proto":"ip4","src_ip":"20.133.112.32","dst_ip":"165.114.202.61","src_port":11510,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00580{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":45,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":44,"flow_packet_id":1,"flow_src_last_pkt_time":1685741033951129,"flow_dst_last_pkt_time":1685741033951129,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1685741033951129,"pkt":"AAwp30Y4PJTVQTiBCABFCABSKPYAACgRnOcUhXAgpXLKPSz2AasAPogCAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":45,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685741033951129,"flow_src_last_pkt_time":1685741033951129,"flow_dst_last_pkt_time":1685741033951129,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685741033951129,"l3_proto":"ip4","src_ip":"20.133.112.32","dst_ip":"165.114.202.61","src_port":11510,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00580{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":46,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":44,"flow_packet_id":2,"flow_src_last_pkt_time":1685741033951143,"flow_dst_last_pkt_time":1685741033951129,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1685741033951143,"pkt":"AAwp30Y4PJTVQTiBCABFCABSKPYAACgRnOcUhXAgpXLKPSz2AasAPogCAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":47,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685736988753451,"flow_src_last_pkt_time":1685736988753451,"flow_dst_last_pkt_time":1685736988753451,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685741033951143,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"90.141.37.56","src_port":7086,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":47,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":47,"packets-processed":46,"total-skipped-flows":0,"total-l4-payload-len":2868,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":44,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":44,"total-idle-flows":43,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":214,"global_ts_usec":1685749458942275} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":47,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685749458942275,"flow_src_last_pkt_time":1685749458942275,"flow_dst_last_pkt_time":1685749458942275,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685749458942275,"l3_proto":"ip4","src_ip":"83.48.216.235","dst_ip":"186.112.202.53","src_port":51745,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":47,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":45,"flow_packet_id":1,"flow_src_last_pkt_time":1685749458942275,"flow_dst_last_pkt_time":1685749458942275,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685749458942275,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRYABTMNjrunDKNcohAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":47,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685749458942275,"flow_src_last_pkt_time":1685749458942275,"flow_dst_last_pkt_time":1685749458942275,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685749458942275,"l3_proto":"ip4","src_ip":"83.48.216.235","dst_ip":"186.112.202.53","src_port":51745,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":48,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":44,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1685741033951129,"flow_src_last_pkt_time":1685741033951143,"flow_dst_last_pkt_time":1685741033951129,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":108,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685749458942275,"l3_proto":"ip4","src_ip":"20.133.112.32","dst_ip":"165.114.202.61","src_port":11510,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":48,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":48,"packets-processed":47,"total-skipped-flows":0,"total-l4-payload-len":2897,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":45,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":45,"total-idle-flows":44,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":219,"global_ts_usec":1685750473996900} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":48,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":46,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685750473996900,"flow_src_last_pkt_time":1685750473996900,"flow_dst_last_pkt_time":1685750473996900,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685750473996900,"l3_proto":"ip4","src_ip":"154.97.132.119","dst_ip":"165.144.84.62","src_port":64306,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":48,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":46,"flow_packet_id":1,"flow_src_last_pkt_time":1685750473996900,"flow_dst_last_pkt_time":1685750473996900,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685750473996900,"pkt":"AAwp30Y4PJTVQTiBCABFAABLscgAACcRIVOaYYR3pZBUPvsyAasANzP7AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":48,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":46,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685750473996900,"flow_src_last_pkt_time":1685750473996900,"flow_dst_last_pkt_time":1685750473996900,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685750473996900,"l3_proto":"ip4","src_ip":"154.97.132.119","dst_ip":"165.144.84.62","src_port":64306,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":49,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":45,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685749458942275,"flow_src_last_pkt_time":1685749458942275,"flow_dst_last_pkt_time":1685749458942275,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685750473996900,"l3_proto":"ip4","src_ip":"83.48.216.235","dst_ip":"186.112.202.53","src_port":51745,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":49,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":49,"packets-processed":48,"total-skipped-flows":0,"total-l4-payload-len":2944,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":46,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":46,"total-idle-flows":45,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":224,"global_ts_usec":1685754984415729} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":49,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685754984415729,"flow_src_last_pkt_time":1685754984415729,"flow_dst_last_pkt_time":1685754984415729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685754984415729,"l3_proto":"ip4","src_ip":"83.48.216.235","dst_ip":"90.145.180.58","src_port":56358,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":49,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":47,"flow_packet_id":1,"flow_src_last_pkt_time":1685754984415729,"flow_dst_last_pkt_time":1685754984415729,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685754984415729,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPoRXvtTMNjrWpG0OtwmAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":49,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685754984415729,"flow_src_last_pkt_time":1685754984415729,"flow_dst_last_pkt_time":1685754984415729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685754984415729,"l3_proto":"ip4","src_ip":"83.48.216.235","dst_ip":"90.145.180.58","src_port":56358,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":50,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":46,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685750473996900,"flow_src_last_pkt_time":1685750473996900,"flow_dst_last_pkt_time":1685750473996900,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685754984415729,"l3_proto":"ip4","src_ip":"154.97.132.119","dst_ip":"165.144.84.62","src_port":64306,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":50,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":50,"packets-processed":49,"total-skipped-flows":0,"total-l4-payload-len":2973,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":47,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":47,"total-idle-flows":46,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":229,"global_ts_usec":1685757305453914} +00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":50,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685757305453914,"flow_src_last_pkt_time":1685757305453914,"flow_dst_last_pkt_time":1685757305453914,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685757305453914,"l3_proto":"ip4","src_ip":"72.30.8.39","dst_ip":"90.111.212.50","src_port":43690,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":50,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":48,"flow_packet_id":1,"flow_src_last_pkt_time":1685757305453914,"flow_dst_last_pkt_time":1685757305453914,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685757305453914,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+GZhAADQR3IJIHggnWm\/UMqqqAasAKnQsAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01066{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":50,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685757305453914,"flow_src_last_pkt_time":1685757305453914,"flow_dst_last_pkt_time":1685757305453914,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685757305453914,"l3_proto":"ip4","src_ip":"72.30.8.39","dst_ip":"90.111.212.50","src_port":43690,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":51,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":47,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685754984415729,"flow_src_last_pkt_time":1685754984415729,"flow_dst_last_pkt_time":1685754984415729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685757305453914,"l3_proto":"ip4","src_ip":"83.48.216.235","dst_ip":"90.145.180.58","src_port":56358,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00773{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":51,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685757594807526,"flow_src_last_pkt_time":1685757594807526,"flow_dst_last_pkt_time":1685757594807526,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685757594807526,"l3_proto":"ip4","src_ip":"71.38.8.47","dst_ip":"90.141.37.56","src_port":42689,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":51,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":49,"flow_packet_id":1,"flow_src_last_pkt_time":1685757594807526,"flow_dst_last_pkt_time":1685757594807526,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685757594807526,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+4kRAADQRE8lHJggvWo0lOKbBAasAKngIAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01065{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":51,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685757594807526,"flow_src_last_pkt_time":1685757594807526,"flow_dst_last_pkt_time":1685757594807526,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685757594807526,"l3_proto":"ip4","src_ip":"71.38.8.47","dst_ip":"90.141.37.56","src_port":42689,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01105{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":52,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685757305453914,"flow_src_last_pkt_time":1685757305453914,"flow_dst_last_pkt_time":1685757305453914,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685757594807526,"l3_proto":"ip4","src_ip":"72.30.8.39","dst_ip":"90.111.212.50","src_port":43690,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00581{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":52,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":52,"packets-processed":51,"total-skipped-flows":0,"total-l4-payload-len":3041,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":49,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":49,"total-idle-flows":48,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":238,"global_ts_usec":1685758217856293} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":52,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758217856293,"flow_src_last_pkt_time":1685758217856293,"flow_dst_last_pkt_time":1685758217856293,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758217856293,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"165.144.84.62","src_port":12409,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":52,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":50,"flow_packet_id":1,"flow_src_last_pkt_time":1685758217856293,"flow_dst_last_pkt_time":1685758217856293,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685758217856293,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+f25AADQRdoJ5avcUpZBUPjB5AasAKu4zAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":52,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758217856293,"flow_src_last_pkt_time":1685758217856293,"flow_dst_last_pkt_time":1685758217856293,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758217856293,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"165.144.84.62","src_port":12409,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01104{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":53,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685757594807526,"flow_src_last_pkt_time":1685757594807526,"flow_dst_last_pkt_time":1685757594807526,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758217856293,"l3_proto":"ip4","src_ip":"71.38.8.47","dst_ip":"90.141.37.56","src_port":42689,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":53,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758396547203,"flow_src_last_pkt_time":1685758396547203,"flow_dst_last_pkt_time":1685758396547203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758396547203,"l3_proto":"ip4","src_ip":"55.94.8.63","dst_ip":"90.145.180.58","src_port":43995,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":53,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":51,"flow_packet_id":1,"flow_src_last_pkt_time":1685758396547203,"flow_dst_last_pkt_time":1685758396547203,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685758396547203,"pkt":"bs1PogZtPJTVQTiBCABFAAA+VJpAADQRoWA3Xgg\/WpG0OqvbAasAKnLbAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01066{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":53,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758396547203,"flow_src_last_pkt_time":1685758396547203,"flow_dst_last_pkt_time":1685758396547203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758396547203,"l3_proto":"ip4","src_ip":"55.94.8.63","dst_ip":"90.145.180.58","src_port":43995,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":54,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758217856293,"flow_src_last_pkt_time":1685758217856293,"flow_dst_last_pkt_time":1685758217856293,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758396547203,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"165.144.84.62","src_port":12409,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":54,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758497495915,"flow_src_last_pkt_time":1685758497495915,"flow_dst_last_pkt_time":1685758497495915,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758497495915,"l3_proto":"ip4","src_ip":"185.225.247.8","dst_ip":"165.114.202.61","src_port":48375,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":54,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":52,"flow_packet_id":1,"flow_src_last_pkt_time":1685758497495915,"flow_dst_last_pkt_time":1685758497495915,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685758497495915,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+mh5AADQRW8W54fcIpXLKPbz3AasAKmGoAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":54,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758497495915,"flow_src_last_pkt_time":1685758497495915,"flow_dst_last_pkt_time":1685758497495915,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758497495915,"l3_proto":"ip4","src_ip":"185.225.247.8","dst_ip":"165.114.202.61","src_port":48375,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":55,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758217856293,"flow_src_last_pkt_time":1685758217856293,"flow_dst_last_pkt_time":1685758217856293,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758497495915,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"165.144.84.62","src_port":12409,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01107{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":55,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758396547203,"flow_src_last_pkt_time":1685758396547203,"flow_dst_last_pkt_time":1685758396547203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758497495915,"l3_proto":"ip4","src_ip":"55.94.8.63","dst_ip":"90.145.180.58","src_port":43995,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":55,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":55,"packets-processed":54,"total-skipped-flows":0,"total-l4-payload-len":3143,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":52,"total-detection-updates":0,"total-updates":11,"current-active-flows":2,"total-active-flows":52,"total-idle-flows":50,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":252,"global_ts_usec":1685758883587256} +00773{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":55,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758883587256,"flow_src_last_pkt_time":1685758883587256,"flow_dst_last_pkt_time":1685758883587256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758883587256,"l3_proto":"ip4","src_ip":"121.82.8.7","dst_ip":"85.111.52.57","src_port":60170,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":55,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":53,"flow_packet_id":1,"flow_src_last_pkt_time":1685758883587256,"flow_dst_last_pkt_time":1685758883587256,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685758883587256,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+3xBAADQRFtB5UggHVW80OesKAasAKjOSAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01065{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":55,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758883587256,"flow_src_last_pkt_time":1685758883587256,"flow_dst_last_pkt_time":1685758883587256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758883587256,"l3_proto":"ip4","src_ip":"121.82.8.7","dst_ip":"85.111.52.57","src_port":60170,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":56,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758497495915,"flow_src_last_pkt_time":1685758497495915,"flow_dst_last_pkt_time":1685758497495915,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758883587256,"l3_proto":"ip4","src_ip":"185.225.247.8","dst_ip":"165.114.202.61","src_port":48375,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01105{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":56,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758396547203,"flow_src_last_pkt_time":1685758396547203,"flow_dst_last_pkt_time":1685758396547203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758883587256,"l3_proto":"ip4","src_ip":"55.94.8.63","dst_ip":"90.145.180.58","src_port":43995,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":56,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685759315778010,"flow_src_last_pkt_time":1685759315778010,"flow_dst_last_pkt_time":1685759315778010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685759315778010,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"186.112.202.53","src_port":55474,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":56,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":54,"flow_packet_id":1,"flow_src_last_pkt_time":1685759315778010,"flow_dst_last_pkt_time":1685759315778010,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685759315778010,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+7TlAADQRCL55avcUunDKNdiyAasAKkYBAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":56,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685759315778010,"flow_src_last_pkt_time":1685759315778010,"flow_dst_last_pkt_time":1685759315778010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685759315778010,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"186.112.202.53","src_port":55474,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01104{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":57,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":53,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758883587256,"flow_src_last_pkt_time":1685758883587256,"flow_dst_last_pkt_time":1685758883587256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685759315778010,"l3_proto":"ip4","src_ip":"121.82.8.7","dst_ip":"85.111.52.57","src_port":60170,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":57,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":57,"packets-processed":56,"total-skipped-flows":0,"total-l4-payload-len":3211,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":54,"total-detection-updates":0,"total-updates":11,"current-active-flows":1,"total-active-flows":54,"total-idle-flows":53,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":262,"global_ts_usec":1685759582800435} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":57,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685759582800435,"flow_src_last_pkt_time":1685759582800435,"flow_dst_last_pkt_time":1685759582800435,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685759582800435,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"90.147.171.51","src_port":55474,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":57,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":55,"flow_packet_id":1,"flow_src_last_pkt_time":1685759582800435,"flow_dst_last_pkt_time":1685759582800435,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685759582800435,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+PaVAADQRuFZ5avcUWpOrM9iyAasAKkYFAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":57,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685759582800435,"flow_src_last_pkt_time":1685759582800435,"flow_dst_last_pkt_time":1685759582800435,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685759582800435,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"90.147.171.51","src_port":55474,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":58,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685759315778010,"flow_src_last_pkt_time":1685759315778010,"flow_dst_last_pkt_time":1685759315778010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685759582800435,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"186.112.202.53","src_port":55474,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":58,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685759668286856,"flow_src_last_pkt_time":1685759668286856,"flow_dst_last_pkt_time":1685759668286856,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685759668286856,"l3_proto":"ip4","src_ip":"200.97.247.24","dst_ip":"74.111.203.55","src_port":22124,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":58,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":56,"flow_packet_id":1,"flow_src_last_pkt_time":1685759668286856,"flow_dst_last_pkt_time":1685759668286856,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685759668286856,"pkt":"ipffLU2SPJTVQTiBCABFAAA+WVBAADQRnKXIYfcYSm\/LN1ZsAasAKshFAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":58,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685759668286856,"flow_src_last_pkt_time":1685759668286856,"flow_dst_last_pkt_time":1685759668286856,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685759668286856,"l3_proto":"ip4","src_ip":"200.97.247.24","dst_ip":"74.111.203.55","src_port":22124,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":59,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685759582800435,"flow_src_last_pkt_time":1685759582800435,"flow_dst_last_pkt_time":1685759582800435,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685759668286856,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"90.147.171.51","src_port":55474,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":59,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":59,"packets-processed":58,"total-skipped-flows":0,"total-l4-payload-len":3279,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":56,"total-detection-updates":0,"total-updates":12,"current-active-flows":2,"total-active-flows":56,"total-idle-flows":54,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":271,"global_ts_usec":1685761109424998} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":59,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761109424998,"flow_src_last_pkt_time":1685761109424998,"flow_dst_last_pkt_time":1685761109424998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685761109424998,"l3_proto":"ip4","src_ip":"121.35.244.56","dst_ip":"90.145.180.58","src_port":30580,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00581{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":59,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":57,"flow_packet_id":1,"flow_src_last_pkt_time":1685761109424998,"flow_dst_last_pkt_time":1685761109424998,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1685761109424998,"pkt":"bs1PogZtPJTVQTiBCABFBABS6itAACERQQR5I\/Q4WpG0Ond0AasAPtvSAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":59,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761109424998,"flow_src_last_pkt_time":1685761109424998,"flow_dst_last_pkt_time":1685761109424998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685761109424998,"l3_proto":"ip4","src_ip":"121.35.244.56","dst_ip":"90.145.180.58","src_port":30580,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":60,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685759582800435,"flow_src_last_pkt_time":1685759582800435,"flow_dst_last_pkt_time":1685759582800435,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685761109424998,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"90.147.171.51","src_port":55474,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":60,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":56,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685759668286856,"flow_src_last_pkt_time":1685759668286856,"flow_dst_last_pkt_time":1685759668286856,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685761109424998,"l3_proto":"ip4","src_ip":"200.97.247.24","dst_ip":"74.111.203.55","src_port":22124,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":60,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761214200787,"flow_src_last_pkt_time":1685761214200787,"flow_dst_last_pkt_time":1685761214200787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685761214200787,"l3_proto":"ip4","src_ip":"154.96.5.121","dst_ip":"69.109.187.54","src_port":26060,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":60,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":58,"flow_packet_id":1,"flow_src_last_pkt_time":1685761214200787,"flow_dst_last_pkt_time":1685761214200787,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685761214200787,"pkt":"bpHurUgdPJTVQTiBCABFAABLgxEAACcRUBmaYAV5RW27NmXMAasAN8lwAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01068{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":60,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761214200787,"flow_src_last_pkt_time":1685761214200787,"flow_dst_last_pkt_time":1685761214200787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685761214200787,"l3_proto":"ip4","src_ip":"154.96.5.121","dst_ip":"69.109.187.54","src_port":26060,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":61,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761109424998,"flow_src_last_pkt_time":1685761109424998,"flow_dst_last_pkt_time":1685761109424998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685761214200787,"l3_proto":"ip4","src_ip":"121.35.244.56","dst_ip":"90.145.180.58","src_port":30580,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":61,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761390202624,"flow_src_last_pkt_time":1685761390202624,"flow_dst_last_pkt_time":1685761390202624,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685761390202624,"l3_proto":"ip4","src_ip":"38.236.38.224","dst_ip":"165.114.202.61","src_port":52729,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":61,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":59,"flow_packet_id":1,"flow_src_last_pkt_time":1685761390202624,"flow_dst_last_pkt_time":1685761390202624,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685761390202624,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbdYm7CbgpXLKPc35AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":61,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761390202624,"flow_src_last_pkt_time":1685761390202624,"flow_dst_last_pkt_time":1685761390202624,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685761390202624,"l3_proto":"ip4","src_ip":"38.236.38.224","dst_ip":"165.114.202.61","src_port":52729,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":62,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761109424998,"flow_src_last_pkt_time":1685761109424998,"flow_dst_last_pkt_time":1685761109424998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685761390202624,"l3_proto":"ip4","src_ip":"121.35.244.56","dst_ip":"90.145.180.58","src_port":30580,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":62,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":58,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761214200787,"flow_src_last_pkt_time":1685761214200787,"flow_dst_last_pkt_time":1685761214200787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685761390202624,"l3_proto":"ip4","src_ip":"154.96.5.121","dst_ip":"69.109.187.54","src_port":26060,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":62,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":62,"packets-processed":61,"total-skipped-flows":0,"total-l4-payload-len":3409,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":59,"total-detection-updates":0,"total-updates":14,"current-active-flows":2,"total-active-flows":59,"total-idle-flows":57,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":286,"global_ts_usec":1685764555721287} +00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":62,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685764555721287,"flow_src_last_pkt_time":1685764555721287,"flow_dst_last_pkt_time":1685764555721287,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685764555721287,"l3_proto":"ip4","src_ip":"69.230.164.78","dst_ip":"90.141.37.56","src_port":55275,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":62,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":60,"flow_packet_id":1,"flow_src_last_pkt_time":1685764555721287,"flow_dst_last_pkt_time":1685764555721287,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685764555721287,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPkRbXpF5qROWo0lONfrAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01068{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":62,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685764555721287,"flow_src_last_pkt_time":1685764555721287,"flow_dst_last_pkt_time":1685764555721287,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685764555721287,"l3_proto":"ip4","src_ip":"69.230.164.78","dst_ip":"90.141.37.56","src_port":55275,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01107{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":63,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":58,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761214200787,"flow_src_last_pkt_time":1685761214200787,"flow_dst_last_pkt_time":1685761214200787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685764555721287,"l3_proto":"ip4","src_ip":"154.96.5.121","dst_ip":"69.109.187.54","src_port":26060,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":63,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761390202624,"flow_src_last_pkt_time":1685761390202624,"flow_dst_last_pkt_time":1685761390202624,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685764555721287,"l3_proto":"ip4","src_ip":"38.236.38.224","dst_ip":"165.114.202.61","src_port":52729,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":63,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":63,"packets-processed":62,"total-skipped-flows":0,"total-l4-payload-len":3438,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":60,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":60,"total-idle-flows":59,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":292,"global_ts_usec":1685765514548491} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":63,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685765514548491,"flow_src_last_pkt_time":1685765514548491,"flow_dst_last_pkt_time":1685765514548491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685765514548491,"l3_proto":"ip4","src_ip":"235.98.65.133","dst_ip":"165.144.84.62","src_port":31778,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00580{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":63,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":61,"flow_packet_id":1,"flow_src_last_pkt_time":1685765514548491,"flow_dst_last_pkt_time":1685765514548491,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1685765514548491,"pkt":"AAwp30Y4PJTVQTiBCABFBABSeCIAADQRBE3rYkGFpZBUPnwiAasAPvtjAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":63,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685765514548491,"flow_src_last_pkt_time":1685765514548491,"flow_dst_last_pkt_time":1685765514548491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685765514548491,"l3_proto":"ip4","src_ip":"235.98.65.133","dst_ip":"165.144.84.62","src_port":31778,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00580{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":64,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":61,"flow_packet_id":2,"flow_src_last_pkt_time":1685765514548505,"flow_dst_last_pkt_time":1685765514548491,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1685765514548505,"pkt":"AAwp30Y4PJTVQTiBCABFBABSeCIAADQRBE3rYkGFpZBUPnwiAasAPvtjAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01107{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":65,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685764555721287,"flow_src_last_pkt_time":1685764555721287,"flow_dst_last_pkt_time":1685764555721287,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685765514548505,"l3_proto":"ip4","src_ip":"69.230.164.78","dst_ip":"90.141.37.56","src_port":55275,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":65,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":65,"packets-processed":64,"total-skipped-flows":0,"total-l4-payload-len":3546,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":61,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":61,"total-idle-flows":60,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":298,"global_ts_usec":1685768356139839} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":65,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685768356139839,"flow_src_last_pkt_time":1685768356139839,"flow_dst_last_pkt_time":1685768356139839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685768356139839,"l3_proto":"ip4","src_ip":"88.31.110.219","dst_ip":"186.112.202.53","src_port":50660,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":65,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":62,"flow_packet_id":1,"flow_src_last_pkt_time":1685768356139839,"flow_dst_last_pkt_time":1685768356139839,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685768356139839,"pkt":"xmjqc4OdPJTVQTiBCABFCABLLsoAACQRlZ5YH27bunDKNcXkAasAN1eeAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":65,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685768356139839,"flow_src_last_pkt_time":1685768356139839,"flow_dst_last_pkt_time":1685768356139839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685768356139839,"l3_proto":"ip4","src_ip":"88.31.110.219","dst_ip":"186.112.202.53","src_port":50660,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":66,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1685765514548491,"flow_src_last_pkt_time":1685765514548505,"flow_dst_last_pkt_time":1685765514548491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":108,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685768356139839,"l3_proto":"ip4","src_ip":"235.98.65.133","dst_ip":"165.144.84.62","src_port":31778,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":66,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":66,"packets-processed":65,"total-skipped-flows":0,"total-l4-payload-len":3593,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":62,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":62,"total-idle-flows":61,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":303,"global_ts_usec":1685771545738452} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":66,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685771545738452,"flow_src_last_pkt_time":1685771545738452,"flow_dst_last_pkt_time":1685771545738452,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685771545738452,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.114.202.61","src_port":62892,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":66,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":63,"flow_packet_id":1,"flow_src_last_pkt_time":1685771545738452,"flow_dst_last_pkt_time":1685771545738452,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685771545738452,"pkt":"AAwp30Y4PJTVQTiBCABFCABL4vwAACIR56cjAGRzpXLKPfWsAasANywSAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":66,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685771545738452,"flow_src_last_pkt_time":1685771545738452,"flow_dst_last_pkt_time":1685771545738452,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685771545738452,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.114.202.61","src_port":62892,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":62,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685768356139839,"flow_src_last_pkt_time":1685768356139839,"flow_dst_last_pkt_time":1685768356139839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685771545738452,"l3_proto":"ip4","src_ip":"88.31.110.219","dst_ip":"186.112.202.53","src_port":50660,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":67,"packets-processed":66,"total-skipped-flows":0,"total-l4-payload-len":3640,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":63,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":63,"total-idle-flows":62,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":308,"global_ts_usec":1685783660893661} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685783660893661,"flow_src_last_pkt_time":1685783660893661,"flow_dst_last_pkt_time":1685783660893661,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685783660893661,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"165.144.84.62","src_port":17423,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":64,"flow_packet_id":1,"flow_src_last_pkt_time":1685783660893661,"flow_dst_last_pkt_time":1685783660893661,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685783660893661,"pkt":"AAwp30Y4PJTVQTiBCABFAABLeWAAACcRWcMiZn14pZBUPkQPAasAN+smAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01076{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685783660893661,"flow_src_last_pkt_time":1685783660893661,"flow_dst_last_pkt_time":1685783660893661,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685783660893661,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"165.144.84.62","src_port":17423,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":68,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":63,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685771545738452,"flow_src_last_pkt_time":1685771545738452,"flow_dst_last_pkt_time":1685771545738452,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685783660893661,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.114.202.61","src_port":62892,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":68,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":68,"packets-processed":67,"total-skipped-flows":0,"total-l4-payload-len":3687,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":64,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":64,"total-idle-flows":63,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":313,"global_ts_usec":1685786055859235} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":68,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685786055859235,"flow_src_last_pkt_time":1685786055859235,"flow_dst_last_pkt_time":1685786055859235,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685786055859235,"l3_proto":"ip4","src_ip":"70.232.230.229","dst_ip":"85.111.52.57","src_port":51197,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":68,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":65,"flow_packet_id":1,"flow_src_last_pkt_time":1685786055859235,"flow_dst_last_pkt_time":1685786055859235,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685786055859235,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRbd9G6OblVW80Ocf9AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":68,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685786055859235,"flow_src_last_pkt_time":1685786055859235,"flow_dst_last_pkt_time":1685786055859235,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685786055859235,"l3_proto":"ip4","src_ip":"70.232.230.229","dst_ip":"85.111.52.57","src_port":51197,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":69,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":64,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685783660893661,"flow_src_last_pkt_time":1685783660893661,"flow_dst_last_pkt_time":1685783660893661,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685786055859235,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"165.144.84.62","src_port":17423,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":69,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":69,"packets-processed":68,"total-skipped-flows":0,"total-l4-payload-len":3716,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":65,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":65,"total-idle-flows":64,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":318,"global_ts_usec":1685786672936242} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":69,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":66,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685786672936242,"flow_src_last_pkt_time":1685786672936242,"flow_dst_last_pkt_time":1685786672936242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685786672936242,"l3_proto":"ip4","src_ip":"172.237.152.209","dst_ip":"165.144.84.62","src_port":51708,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":69,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":66,"flow_packet_id":1,"flow_src_last_pkt_time":1685786672936242,"flow_dst_last_pkt_time":1685786672936242,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685786672936242,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRX96s7ZjRpZBUPsn8AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":69,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":66,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685786672936242,"flow_src_last_pkt_time":1685786672936242,"flow_dst_last_pkt_time":1685786672936242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685786672936242,"l3_proto":"ip4","src_ip":"172.237.152.209","dst_ip":"165.144.84.62","src_port":51708,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":70,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":65,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685786055859235,"flow_src_last_pkt_time":1685786055859235,"flow_dst_last_pkt_time":1685786055859235,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685786672936242,"l3_proto":"ip4","src_ip":"70.232.230.229","dst_ip":"85.111.52.57","src_port":51197,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":70,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":70,"packets-processed":69,"total-skipped-flows":0,"total-l4-payload-len":3745,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":66,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":66,"total-idle-flows":65,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":323,"global_ts_usec":1685787446315396} +00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":70,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685787446315396,"flow_src_last_pkt_time":1685787446315396,"flow_dst_last_pkt_time":1685787446315396,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685787446315396,"l3_proto":"ip4","src_ip":"58.36.157.61","dst_ip":"74.111.203.55","src_port":53238,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":70,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":67,"flow_packet_id":1,"flow_src_last_pkt_time":1685787446315396,"flow_dst_last_pkt_time":1685787446315396,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685787446315396,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPoRbFE6JJ09Sm\/LN8\/2AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01068{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":70,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685787446315396,"flow_src_last_pkt_time":1685787446315396,"flow_dst_last_pkt_time":1685787446315396,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685787446315396,"l3_proto":"ip4","src_ip":"58.36.157.61","dst_ip":"74.111.203.55","src_port":53238,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":66,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685786672936242,"flow_src_last_pkt_time":1685786672936242,"flow_dst_last_pkt_time":1685786672936242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685787446315396,"l3_proto":"ip4","src_ip":"172.237.152.209","dst_ip":"165.144.84.62","src_port":51708,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":71,"packets-processed":70,"total-skipped-flows":0,"total-l4-payload-len":3774,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":67,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":67,"total-idle-flows":66,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":328,"global_ts_usec":1685789104454151} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":68,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685789104454151,"flow_src_last_pkt_time":1685789104454151,"flow_dst_last_pkt_time":1685789104454151,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685789104454151,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"85.111.52.57","src_port":37207,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":68,"flow_packet_id":1,"flow_src_last_pkt_time":1685789104454151,"flow_dst_last_pkt_time":1685789104454151,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685789104454151,"pkt":"moT+\/Ph8PJTVQTiBCABFCABLkZcAACQRMtHjhlHUVW80OZFXAasAN4wrAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":68,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685789104454151,"flow_src_last_pkt_time":1685789104454151,"flow_dst_last_pkt_time":1685789104454151,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685789104454151,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"85.111.52.57","src_port":37207,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01107{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":72,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685787446315396,"flow_src_last_pkt_time":1685787446315396,"flow_dst_last_pkt_time":1685787446315396,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685789104454151,"l3_proto":"ip4","src_ip":"58.36.157.61","dst_ip":"74.111.203.55","src_port":53238,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":72,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":72,"packets-processed":71,"total-skipped-flows":0,"total-l4-payload-len":3821,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":68,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":68,"total-idle-flows":67,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":333,"global_ts_usec":1685798769239701} +00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":72,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685798769239701,"flow_src_last_pkt_time":1685798769239701,"flow_dst_last_pkt_time":1685798769239701,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685798769239701,"l3_proto":"ip4","src_ip":"39.59.139.121","dst_ip":"85.111.52.57","src_port":51157,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":72,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":69,"flow_packet_id":1,"flow_src_last_pkt_time":1685798769239701,"flow_dst_last_pkt_time":1685798769239701,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685798769239701,"pkt":"moT+\/Ph8PJTVQTiBCABFCABL6mEAACIR4FInO4t5VW80OcfVAasAN1n5AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01068{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":72,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685798769239701,"flow_src_last_pkt_time":1685798769239701,"flow_dst_last_pkt_time":1685798769239701,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685798769239701,"l3_proto":"ip4","src_ip":"39.59.139.121","dst_ip":"85.111.52.57","src_port":51157,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":73,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":68,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685789104454151,"flow_src_last_pkt_time":1685789104454151,"flow_dst_last_pkt_time":1685789104454151,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685798769239701,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"85.111.52.57","src_port":37207,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":73,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":73,"packets-processed":72,"total-skipped-flows":0,"total-l4-payload-len":3868,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":69,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":69,"total-idle-flows":68,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":338,"global_ts_usec":1685802654160689} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":73,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":70,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685802654160689,"flow_src_last_pkt_time":1685802654160689,"flow_dst_last_pkt_time":1685802654160689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685802654160689,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.111.212.50","src_port":45177,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":73,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":70,"flow_packet_id":1,"flow_src_last_pkt_time":1685802654160689,"flow_dst_last_pkt_time":1685802654160689,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685802654160689,"pkt":"AAwp30Y4PJTVQTiBCABFCABLGncAACQRqffjhlHUWm\/UMrB5AasAN20PAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":73,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":70,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685802654160689,"flow_src_last_pkt_time":1685802654160689,"flow_dst_last_pkt_time":1685802654160689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685802654160689,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.111.212.50","src_port":45177,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01107{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":74,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685798769239701,"flow_src_last_pkt_time":1685798769239701,"flow_dst_last_pkt_time":1685798769239701,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685802654160689,"l3_proto":"ip4","src_ip":"39.59.139.121","dst_ip":"85.111.52.57","src_port":51157,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":74,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":74,"packets-processed":73,"total-skipped-flows":0,"total-l4-payload-len":3915,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":70,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":70,"total-idle-flows":69,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":343,"global_ts_usec":1685803636118223} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":74,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":71,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685803636118223,"flow_src_last_pkt_time":1685803636118223,"flow_dst_last_pkt_time":1685803636118223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685803636118223,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"165.114.202.61","src_port":47772,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":74,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":71,"flow_packet_id":1,"flow_src_last_pkt_time":1685803636118223,"flow_dst_last_pkt_time":1685803636118223,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685803636118223,"pkt":"AAwp30Y4PJTVQTiBCABFCABL\/N4AACQRx31nR5LepXLKPbqcAasAN2LaAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":74,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":71,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685803636118223,"flow_src_last_pkt_time":1685803636118223,"flow_dst_last_pkt_time":1685803636118223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685803636118223,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"165.114.202.61","src_port":47772,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":75,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":70,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685802654160689,"flow_src_last_pkt_time":1685802654160689,"flow_dst_last_pkt_time":1685802654160689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685803636118223,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.111.212.50","src_port":45177,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":75,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":75,"packets-processed":74,"total-skipped-flows":0,"total-l4-payload-len":3962,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":71,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":71,"total-idle-flows":70,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":348,"global_ts_usec":1685804974645010} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":75,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":72,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685804974645010,"flow_src_last_pkt_time":1685804974645010,"flow_dst_last_pkt_time":1685804974645010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685804974645010,"l3_proto":"ip4","src_ip":"238.132.112.150","dst_ip":"90.147.171.51","src_port":44248,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":75,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":72,"flow_packet_id":1,"flow_src_last_pkt_time":1685804974645010,"flow_dst_last_pkt_time":1685804974645010,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685804974645010,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpTLuhHCWWpOrM6zYAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":75,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":72,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685804974645010,"flow_src_last_pkt_time":1685804974645010,"flow_dst_last_pkt_time":1685804974645010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685804974645010,"l3_proto":"ip4","src_ip":"238.132.112.150","dst_ip":"90.147.171.51","src_port":44248,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":76,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":71,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685803636118223,"flow_src_last_pkt_time":1685803636118223,"flow_dst_last_pkt_time":1685803636118223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685804974645010,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"165.114.202.61","src_port":47772,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":76,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":76,"packets-processed":75,"total-skipped-flows":0,"total-l4-payload-len":4060,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":72,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":72,"total-idle-flows":71,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":353,"global_ts_usec":1685805765811289} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":76,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685805765811289,"flow_src_last_pkt_time":1685805765811289,"flow_dst_last_pkt_time":1685805765811289,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685805765811289,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.145.180.58","src_port":47037,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":76,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":73,"flow_packet_id":1,"flow_src_last_pkt_time":1685805765811289,"flow_dst_last_pkt_time":1685805765811289,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685805765811289,"pkt":"bs1PogZtPJTVQTiBCABFAAB+1DEAAPIRCw+GtJCVWpG0Ore9AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":76,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685805765811289,"flow_src_last_pkt_time":1685805765811289,"flow_dst_last_pkt_time":1685805765811289,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685805765811289,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.145.180.58","src_port":47037,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":77,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":72,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685804974645010,"flow_src_last_pkt_time":1685804974645010,"flow_dst_last_pkt_time":1685804974645010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685805765811289,"l3_proto":"ip4","src_ip":"238.132.112.150","dst_ip":"90.147.171.51","src_port":44248,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":77,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":74,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685806301914300,"flow_src_last_pkt_time":1685806301914300,"flow_dst_last_pkt_time":1685806301914300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685806301914300,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"90.111.212.50","src_port":44475,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00644{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":77,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":74,"flow_packet_id":1,"flow_src_last_pkt_time":1685806301914300,"flow_dst_last_pkt_time":1685806301914300,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685806301914300,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpSvsm2CTWm\/UMq27AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":77,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":74,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685806301914300,"flow_src_last_pkt_time":1685806301914300,"flow_dst_last_pkt_time":1685806301914300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685806301914300,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"90.111.212.50","src_port":44475,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":78,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685805765811289,"flow_src_last_pkt_time":1685805765811289,"flow_dst_last_pkt_time":1685805765811289,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685806301914300,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.145.180.58","src_port":47037,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":78,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":78,"packets-processed":77,"total-skipped-flows":0,"total-l4-payload-len":4256,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":74,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":74,"total-idle-flows":73,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":362,"global_ts_usec":1685809385375373} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":78,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":75,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685809385375373,"flow_src_last_pkt_time":1685809385375373,"flow_dst_last_pkt_time":1685809385375373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685809385375373,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"74.111.203.55","src_port":33156,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00644{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":78,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":75,"flow_packet_id":1,"flow_src_last_pkt_time":1685809385375373,"flow_dst_last_pkt_time":1685809385375373,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685809385375373,"pkt":"ipffLU2SPJTVQTiBCABFCAB+1DEAAOsREge2tHiLSm\/LN4GEAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":78,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":75,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685809385375373,"flow_src_last_pkt_time":1685809385375373,"flow_dst_last_pkt_time":1685809385375373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685809385375373,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"74.111.203.55","src_port":33156,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":79,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":74,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685806301914300,"flow_src_last_pkt_time":1685806301914300,"flow_dst_last_pkt_time":1685806301914300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685809385375373,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"90.111.212.50","src_port":44475,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":79,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685809633823277,"flow_src_last_pkt_time":1685809633823277,"flow_dst_last_pkt_time":1685809633823277,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685809633823277,"l3_proto":"ip4","src_ip":"19.99.147.148","dst_ip":"90.141.37.56","src_port":49052,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":79,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":76,"flow_packet_id":1,"flow_src_last_pkt_time":1685809633823277,"flow_dst_last_pkt_time":1685809633823277,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685809633823277,"pkt":"3jHC4dyOPJTVQTiBCABFCAB+1DEAAPARqCMTY5OUWo0lOL+cAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01068{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":79,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685809633823277,"flow_src_last_pkt_time":1685809633823277,"flow_dst_last_pkt_time":1685809633823277,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685809633823277,"l3_proto":"ip4","src_ip":"19.99.147.148","dst_ip":"90.141.37.56","src_port":49052,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":75,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685809385375373,"flow_src_last_pkt_time":1685809385375373,"flow_dst_last_pkt_time":1685809385375373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685809633823277,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"74.111.203.55","src_port":33156,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":80,"packets-processed":79,"total-skipped-flows":0,"total-l4-payload-len":4452,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":76,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":76,"total-idle-flows":75,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":371,"global_ts_usec":1685810288436552} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685810288436552,"flow_src_last_pkt_time":1685810288436552,"flow_dst_last_pkt_time":1685810288436552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685810288436552,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"165.114.202.61","src_port":44018,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":77,"flow_packet_id":1,"flow_src_last_pkt_time":1685810288436552,"flow_dst_last_pkt_time":1685810288436552,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685810288436552,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpSkve7GapXLKPavyAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685810288436552,"flow_src_last_pkt_time":1685810288436552,"flow_dst_last_pkt_time":1685810288436552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685810288436552,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"165.114.202.61","src_port":44018,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":81,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":78,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685810288436552,"flow_src_last_pkt_time":1685810288436552,"flow_dst_last_pkt_time":1685810288436552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685810288436552,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"165.144.84.62","src_port":37387,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":81,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":78,"flow_packet_id":1,"flow_src_last_pkt_time":1685810288436552,"flow_dst_last_pkt_time":1685810288436552,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685810288436552,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAOsRrBkuZGGTpZBUPpILAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":81,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":78,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685810288436552,"flow_src_last_pkt_time":1685810288436552,"flow_dst_last_pkt_time":1685810288436552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685810288436552,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"165.144.84.62","src_port":37387,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01107{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":82,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685809633823277,"flow_src_last_pkt_time":1685809633823277,"flow_dst_last_pkt_time":1685809633823277,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685810288436552,"l3_proto":"ip4","src_ip":"19.99.147.148","dst_ip":"90.141.37.56","src_port":49052,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":82,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":82,"packets-processed":81,"total-skipped-flows":0,"total-l4-payload-len":4648,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":78,"total-detection-updates":0,"total-updates":14,"current-active-flows":2,"total-active-flows":78,"total-idle-flows":76,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":379,"global_ts_usec":1685812438394439} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":82,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":79,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685812438394439,"flow_src_last_pkt_time":1685812438394439,"flow_dst_last_pkt_time":1685812438394439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685812438394439,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":48737,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":82,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":79,"flow_packet_id":1,"flow_src_last_pkt_time":1685812438394439,"flow_dst_last_pkt_time":1685812438394439,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685812438394439,"pkt":"xmjqc4OdPJTVQTiBCABFCAB+1DEAAOsREgyGtJCVunDKNb5hAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":82,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":79,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685812438394439,"flow_src_last_pkt_time":1685812438394439,"flow_dst_last_pkt_time":1685812438394439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685812438394439,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":48737,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":83,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":78,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685810288436552,"flow_src_last_pkt_time":1685810288436552,"flow_dst_last_pkt_time":1685810288436552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685812438394439,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"165.144.84.62","src_port":37387,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":83,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685810288436552,"flow_src_last_pkt_time":1685810288436552,"flow_dst_last_pkt_time":1685810288436552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685812438394439,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"165.114.202.61","src_port":44018,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":83,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":80,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685812605076027,"flow_src_last_pkt_time":1685812605076027,"flow_dst_last_pkt_time":1685812605076027,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685812605076027,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"69.109.187.54","src_port":57533,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":83,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":80,"flow_packet_id":1,"flow_src_last_pkt_time":1685812605076027,"flow_dst_last_pkt_time":1685812605076027,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685812605076027,"pkt":"bpHurUgdPJTVQTiBCABFCAB+1DEAAPARDIvItJByRW27NuC9AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":83,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":80,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685812605076027,"flow_src_last_pkt_time":1685812605076027,"flow_dst_last_pkt_time":1685812605076027,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685812605076027,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"69.109.187.54","src_port":57533,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":84,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":79,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685812438394439,"flow_src_last_pkt_time":1685812438394439,"flow_dst_last_pkt_time":1685812438394439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685812605076027,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":48737,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":84,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":81,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685812825868185,"flow_src_last_pkt_time":1685812825868185,"flow_dst_last_pkt_time":1685812825868185,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685812825868185,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"85.111.52.57","src_port":35950,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00644{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":84,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":81,"flow_packet_id":1,"flow_src_last_pkt_time":1685812825868185,"flow_dst_last_pkt_time":1685812825868185,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685812825868185,"pkt":"moT+\/Ph8PJTVQTiBCABFAAB+1DEAAPMRpS4ve7GaVW80OYxuAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":84,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":81,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685812825868185,"flow_src_last_pkt_time":1685812825868185,"flow_dst_last_pkt_time":1685812825868185,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685812825868185,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"85.111.52.57","src_port":35950,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":85,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":80,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685812605076027,"flow_src_last_pkt_time":1685812605076027,"flow_dst_last_pkt_time":1685812605076027,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685812825868185,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"69.109.187.54","src_port":57533,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":85,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":79,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685812438394439,"flow_src_last_pkt_time":1685812438394439,"flow_dst_last_pkt_time":1685812438394439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685812825868185,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":48737,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":85,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":85,"packets-processed":84,"total-skipped-flows":0,"total-l4-payload-len":4942,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":81,"total-detection-updates":0,"total-updates":15,"current-active-flows":1,"total-active-flows":81,"total-idle-flows":80,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":394,"global_ts_usec":1685823608659744} +00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":85,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685823608659744,"flow_src_last_pkt_time":1685823608659744,"flow_dst_last_pkt_time":1685823608659744,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685823608659744,"l3_proto":"ip4","src_ip":"44.49.31.2","dst_ip":"90.147.171.51","src_port":51197,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":85,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":82,"flow_packet_id":1,"flow_src_last_pkt_time":1685823608659744,"flow_dst_last_pkt_time":1685823608659744,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685823608659744,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXkwsMR8CWpOrM8f9AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01066{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":85,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685823608659744,"flow_src_last_pkt_time":1685823608659744,"flow_dst_last_pkt_time":1685823608659744,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685823608659744,"l3_proto":"ip4","src_ip":"44.49.31.2","dst_ip":"90.147.171.51","src_port":51197,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":86,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":81,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685812825868185,"flow_src_last_pkt_time":1685812825868185,"flow_dst_last_pkt_time":1685812825868185,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685823608659744,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"85.111.52.57","src_port":35950,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":86,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":83,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685824045529363,"flow_src_last_pkt_time":1685824045529363,"flow_dst_last_pkt_time":1685824045529363,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685824045529363,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"90.145.180.58","src_port":54379,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":86,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":83,"flow_packet_id":1,"flow_src_last_pkt_time":1685824045529363,"flow_dst_last_pkt_time":1685824045529363,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685824045529363,"pkt":"bs1PogZtPJTVQTiBCABFAAB+1DEAAPIRpTATY5KcWpG0OtRrAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":86,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":83,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685824045529363,"flow_src_last_pkt_time":1685824045529363,"flow_dst_last_pkt_time":1685824045529363,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685824045529363,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"90.145.180.58","src_port":54379,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01105{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":87,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685823608659744,"flow_src_last_pkt_time":1685823608659744,"flow_dst_last_pkt_time":1685823608659744,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685824045529363,"l3_proto":"ip4","src_ip":"44.49.31.2","dst_ip":"90.147.171.51","src_port":51197,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":87,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":87,"packets-processed":86,"total-skipped-flows":0,"total-l4-payload-len":5069,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":83,"total-detection-updates":0,"total-updates":15,"current-active-flows":1,"total-active-flows":83,"total-idle-flows":82,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":403,"global_ts_usec":1685833753925206} +00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":87,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685833753925206,"flow_src_last_pkt_time":1685833753925206,"flow_dst_last_pkt_time":1685833753925206,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685833753925206,"l3_proto":"ip4","src_ip":"174.50.7.11","dst_ip":"69.109.187.54","src_port":55450,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":87,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":84,"flow_packet_id":1,"flow_src_last_pkt_time":1685833753925206,"flow_dst_last_pkt_time":1685833753925206,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685833753925206,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPoRXlSuMgcLRW27NtiaAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01067{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":87,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685833753925206,"flow_src_last_pkt_time":1685833753925206,"flow_dst_last_pkt_time":1685833753925206,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685833753925206,"l3_proto":"ip4","src_ip":"174.50.7.11","dst_ip":"69.109.187.54","src_port":55450,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":88,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":83,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685824045529363,"flow_src_last_pkt_time":1685824045529363,"flow_dst_last_pkt_time":1685824045529363,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685833753925206,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"90.145.180.58","src_port":54379,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":88,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685833820099618,"flow_src_last_pkt_time":1685833820099618,"flow_dst_last_pkt_time":1685833820099618,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685833820099618,"l3_proto":"ip4","src_ip":"58.218.184.177","dst_ip":"90.111.212.50","src_port":54059,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":88,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":85,"flow_packet_id":1,"flow_src_last_pkt_time":1685833820099618,"flow_dst_last_pkt_time":1685833820099618,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685833820099618,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbfk62rixWm\/UMtMrAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":88,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685833820099618,"flow_src_last_pkt_time":1685833820099618,"flow_dst_last_pkt_time":1685833820099618,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685833820099618,"l3_proto":"ip4","src_ip":"58.218.184.177","dst_ip":"90.111.212.50","src_port":54059,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":89,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685833753925206,"flow_src_last_pkt_time":1685833753925206,"flow_dst_last_pkt_time":1685833753925206,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685833820099618,"l3_proto":"ip4","src_ip":"174.50.7.11","dst_ip":"69.109.187.54","src_port":55450,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":89,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":89,"packets-processed":88,"total-skipped-flows":0,"total-l4-payload-len":5127,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":85,"total-detection-updates":0,"total-updates":16,"current-active-flows":2,"total-active-flows":85,"total-idle-flows":83,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":412,"global_ts_usec":1685837260196335} +00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":89,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":86,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685837260196335,"flow_src_last_pkt_time":1685837260196335,"flow_dst_last_pkt_time":1685837260196335,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685837260196335,"l3_proto":"ip4","src_ip":"31.0.154.114","dst_ip":"90.145.180.58","src_port":40383,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":89,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":86,"flow_packet_id":1,"flow_src_last_pkt_time":1685837260196335,"flow_dst_last_pkt_time":1685837260196335,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685837260196335,"pkt":"bs1PogZtPJTVQTiBCABFCABLWQ0AACIRcZkfAJpyWpG0Op2\/AasAN4QBAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01068{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":89,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":86,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685837260196335,"flow_src_last_pkt_time":1685837260196335,"flow_dst_last_pkt_time":1685837260196335,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685837260196335,"l3_proto":"ip4","src_ip":"31.0.154.114","dst_ip":"90.145.180.58","src_port":40383,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01106{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":90,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685833753925206,"flow_src_last_pkt_time":1685833753925206,"flow_dst_last_pkt_time":1685833753925206,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685837260196335,"l3_proto":"ip4","src_ip":"174.50.7.11","dst_ip":"69.109.187.54","src_port":55450,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":90,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685833820099618,"flow_src_last_pkt_time":1685833820099618,"flow_dst_last_pkt_time":1685833820099618,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685837260196335,"l3_proto":"ip4","src_ip":"58.218.184.177","dst_ip":"90.111.212.50","src_port":54059,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":90,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":90,"packets-processed":89,"total-skipped-flows":0,"total-l4-payload-len":5174,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":86,"total-detection-updates":0,"total-updates":16,"current-active-flows":1,"total-active-flows":86,"total-idle-flows":85,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":418,"global_ts_usec":1685838786050204} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":90,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685838786050204,"flow_src_last_pkt_time":1685838786050204,"flow_dst_last_pkt_time":1685838786050204,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685838786050204,"l3_proto":"ip4","src_ip":"66.228.194.219","dst_ip":"186.112.202.53","src_port":53105,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":90,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":87,"flow_packet_id":1,"flow_src_last_pkt_time":1685838786050204,"flow_dst_last_pkt_time":1685838786050204,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685838786050204,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRbcNC5MLbunDKNc9xAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":90,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685838786050204,"flow_src_last_pkt_time":1685838786050204,"flow_dst_last_pkt_time":1685838786050204,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685838786050204,"l3_proto":"ip4","src_ip":"66.228.194.219","dst_ip":"186.112.202.53","src_port":53105,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01107{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":91,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":86,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685837260196335,"flow_src_last_pkt_time":1685837260196335,"flow_dst_last_pkt_time":1685837260196335,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685838786050204,"l3_proto":"ip4","src_ip":"31.0.154.114","dst_ip":"90.145.180.58","src_port":40383,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":91,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":91,"packets-processed":90,"total-skipped-flows":0,"total-l4-payload-len":5203,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":87,"total-detection-updates":0,"total-updates":16,"current-active-flows":1,"total-active-flows":87,"total-idle-flows":86,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":423,"global_ts_usec":1685845591689038} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":91,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685845591689038,"flow_src_last_pkt_time":1685845591689038,"flow_dst_last_pkt_time":1685845591689038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685845591689038,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"74.111.203.55","src_port":43759,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":91,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":88,"flow_packet_id":1,"flow_src_last_pkt_time":1685845591689038,"flow_dst_last_pkt_time":1685845591689038,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1685845591689038,"pkt":"ipffLU2SPJTVQTiBCABFAABSAK0AAG0RE\/VDnxCWSm\/LN6rvAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":91,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685845591689038,"flow_src_last_pkt_time":1685845591689038,"flow_dst_last_pkt_time":1685845591689038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685845591689038,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"74.111.203.55","src_port":43759,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":92,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685838786050204,"flow_src_last_pkt_time":1685838786050204,"flow_dst_last_pkt_time":1685838786050204,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685845591689038,"l3_proto":"ip4","src_ip":"66.228.194.219","dst_ip":"186.112.202.53","src_port":53105,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":92,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":92,"packets-processed":91,"total-skipped-flows":0,"total-l4-payload-len":5257,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":88,"total-detection-updates":0,"total-updates":16,"current-active-flows":1,"total-active-flows":88,"total-idle-flows":87,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":428,"global_ts_usec":1685846371302206} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":92,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":89,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685846371302206,"flow_src_last_pkt_time":1685846371302206,"flow_dst_last_pkt_time":1685846371302206,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685846371302206,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":53596,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":92,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":89,"flow_packet_id":1,"flow_src_last_pkt_time":1685846371302206,"flow_dst_last_pkt_time":1685846371302206,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685846371302206,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLzIH5CeWm\/UMtFcAasAJRkeAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":92,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":89,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685846371302206,"flow_src_last_pkt_time":1685846371302206,"flow_dst_last_pkt_time":1685846371302206,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685846371302206,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":53596,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":93,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685845591689038,"flow_src_last_pkt_time":1685845591689038,"flow_dst_last_pkt_time":1685845591689038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685846371302206,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"74.111.203.55","src_port":43759,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":93,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":93,"packets-processed":92,"total-skipped-flows":0,"total-l4-payload-len":5286,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":89,"total-detection-updates":0,"total-updates":16,"current-active-flows":1,"total-active-flows":89,"total-idle-flows":88,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":433,"global_ts_usec":1685847518566522} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":93,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":90,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685847518566522,"flow_src_last_pkt_time":1685847518566522,"flow_dst_last_pkt_time":1685847518566522,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685847518566522,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":47879,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":93,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":90,"flow_packet_id":1,"flow_src_last_pkt_time":1685847518566522,"flow_dst_last_pkt_time":1685847518566522,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685847518566522,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPURKLrIH5CeRW27NrsHAasAJS9xAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":93,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":90,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685847518566522,"flow_src_last_pkt_time":1685847518566522,"flow_dst_last_pkt_time":1685847518566522,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685847518566522,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":47879,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":94,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":89,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685846371302206,"flow_src_last_pkt_time":1685846371302206,"flow_dst_last_pkt_time":1685846371302206,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685847518566522,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":53596,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":94,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":91,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685848000557988,"flow_src_last_pkt_time":1685848000557988,"flow_dst_last_pkt_time":1685848000557988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685848000557988,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":44785,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":94,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":91,"flow_packet_id":1,"flow_src_last_pkt_time":1685848000557988,"flow_dst_last_pkt_time":1685848000557988,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685848000557988,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKL3IH5CeWpOrM67xAasAJTuKAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":94,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":91,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685848000557988,"flow_src_last_pkt_time":1685848000557988,"flow_dst_last_pkt_time":1685848000557988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685848000557988,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":44785,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":95,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":90,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685847518566522,"flow_src_last_pkt_time":1685847518566522,"flow_dst_last_pkt_time":1685847518566522,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685848000557988,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":47879,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":95,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":95,"packets-processed":94,"total-skipped-flows":0,"total-l4-payload-len":5344,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":91,"total-detection-updates":0,"total-updates":16,"current-active-flows":1,"total-active-flows":91,"total-idle-flows":90,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":442,"global_ts_usec":1685849540053899} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":95,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":92,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685849540053899,"flow_src_last_pkt_time":1685849540053899,"flow_dst_last_pkt_time":1685849540053899,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685849540053899,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":51364,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":95,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":92,"flow_packet_id":1,"flow_src_last_pkt_time":1685849540053899,"flow_dst_last_pkt_time":1685849540053899,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685849540053899,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLLIH5CepZBUPsikAasAJSHMAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":95,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":92,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685849540053899,"flow_src_last_pkt_time":1685849540053899,"flow_dst_last_pkt_time":1685849540053899,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685849540053899,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":51364,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":96,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":91,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685848000557988,"flow_src_last_pkt_time":1685848000557988,"flow_dst_last_pkt_time":1685848000557988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685849540053899,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":44785,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":96,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685849664860009,"flow_src_last_pkt_time":1685849664860009,"flow_dst_last_pkt_time":1685849664860009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685849664860009,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":41690,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":96,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":93,"flow_packet_id":1,"flow_src_last_pkt_time":1685849664860009,"flow_dst_last_pkt_time":1685849664860009,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685849664860009,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPURKLvIH5CeSm\/LN6LaAasAJUefAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":96,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685849664860009,"flow_src_last_pkt_time":1685849664860009,"flow_dst_last_pkt_time":1685849664860009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685849664860009,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":41690,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":97,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":92,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685849540053899,"flow_src_last_pkt_time":1685849540053899,"flow_dst_last_pkt_time":1685849540053899,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685849664860009,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":51364,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":97,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685849733217189,"flow_src_last_pkt_time":1685849733217189,"flow_dst_last_pkt_time":1685849733217189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685849733217189,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":51228,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":97,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":1,"flow_src_last_pkt_time":1685849733217189,"flow_dst_last_pkt_time":1685849733217189,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685849733217189,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLHIH5CepXLKPcgcAasAJSJTAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":97,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685849733217189,"flow_src_last_pkt_time":1685849733217189,"flow_dst_last_pkt_time":1685849733217189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685849733217189,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":51228,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":98,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":92,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685849540053899,"flow_src_last_pkt_time":1685849540053899,"flow_dst_last_pkt_time":1685849540053899,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685849733217189,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":51364,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":98,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685849664860009,"flow_src_last_pkt_time":1685849664860009,"flow_dst_last_pkt_time":1685849664860009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685849733217189,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":41690,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":98,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":98,"packets-processed":97,"total-skipped-flows":0,"total-l4-payload-len":5431,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":94,"total-detection-updates":0,"total-updates":18,"current-active-flows":2,"total-active-flows":94,"total-idle-flows":92,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":456,"global_ts_usec":1685851175046998} +00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":98,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851175046998,"flow_src_last_pkt_time":1685851175046998,"flow_dst_last_pkt_time":1685851175046998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685851175046998,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.141.37.56","src_port":59682,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":98,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":95,"flow_packet_id":1,"flow_src_last_pkt_time":1685851175046998,"flow_dst_last_pkt_time":1685851175046998,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685851175046998,"pkt":"3jHC4dyOPJTVQTiBCABFCABL904AACIR01kj\/EVxWo0lOOkiAasANzigAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01068{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":98,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851175046998,"flow_src_last_pkt_time":1685851175046998,"flow_dst_last_pkt_time":1685851175046998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685851175046998,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.141.37.56","src_port":59682,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":99,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685849664860009,"flow_src_last_pkt_time":1685849664860009,"flow_dst_last_pkt_time":1685849664860009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685851175046998,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":41690,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":99,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685849733217189,"flow_src_last_pkt_time":1685849733217189,"flow_dst_last_pkt_time":1685849733217189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685851175046998,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":51228,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":99,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851293085114,"flow_src_last_pkt_time":1685851293085114,"flow_dst_last_pkt_time":1685851293085114,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685851293085114,"l3_proto":"ip4","src_ip":"208.209.71.22","dst_ip":"85.111.52.57","src_port":55733,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":99,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":96,"flow_packet_id":1,"flow_src_last_pkt_time":1685851293085114,"flow_dst_last_pkt_time":1685851293085114,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685851293085114,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRX13Q0UcWVW80Odm1AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01068{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":99,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851293085114,"flow_src_last_pkt_time":1685851293085114,"flow_dst_last_pkt_time":1685851293085114,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685851293085114,"l3_proto":"ip4","src_ip":"208.209.71.22","dst_ip":"85.111.52.57","src_port":55733,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":100,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851175046998,"flow_src_last_pkt_time":1685851175046998,"flow_dst_last_pkt_time":1685851175046998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685851293085114,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.141.37.56","src_port":59682,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":100,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851372073022,"flow_src_last_pkt_time":1685851372073022,"flow_dst_last_pkt_time":1685851372073022,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685851372073022,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":40943,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":100,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":97,"flow_packet_id":1,"flow_src_last_pkt_time":1685851372073022,"flow_dst_last_pkt_time":1685851372073022,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685851372073022,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPURKLfIH5CeWo0lOJ\/vAasAJUqGAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":100,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851372073022,"flow_src_last_pkt_time":1685851372073022,"flow_dst_last_pkt_time":1685851372073022,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685851372073022,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":40943,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":101,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851175046998,"flow_src_last_pkt_time":1685851175046998,"flow_dst_last_pkt_time":1685851175046998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685851372073022,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.141.37.56","src_port":59682,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":101,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851293085114,"flow_src_last_pkt_time":1685851293085114,"flow_dst_last_pkt_time":1685851293085114,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685851372073022,"l3_proto":"ip4","src_ip":"208.209.71.22","dst_ip":"85.111.52.57","src_port":55733,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00585{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":101,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":101,"packets-processed":100,"total-skipped-flows":0,"total-l4-payload-len":5536,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":97,"total-detection-updates":0,"total-updates":20,"current-active-flows":2,"total-active-flows":97,"total-idle-flows":95,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":471,"global_ts_usec":1685852052162325} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":101,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685852052162325,"flow_src_last_pkt_time":1685852052162325,"flow_dst_last_pkt_time":1685852052162325,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685852052162325,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":33048,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":101,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":98,"flow_packet_id":1,"flow_src_last_pkt_time":1685852052162325,"flow_dst_last_pkt_time":1685852052162325,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685852052162325,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPURKLTIH5CeWpG0OoEYAasAJWlaAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":101,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685852052162325,"flow_src_last_pkt_time":1685852052162325,"flow_dst_last_pkt_time":1685852052162325,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685852052162325,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":33048,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":102,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851293085114,"flow_src_last_pkt_time":1685851293085114,"flow_dst_last_pkt_time":1685851293085114,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685852052162325,"l3_proto":"ip4","src_ip":"208.209.71.22","dst_ip":"85.111.52.57","src_port":55733,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":102,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851372073022,"flow_src_last_pkt_time":1685851372073022,"flow_dst_last_pkt_time":1685851372073022,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685852052162325,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":40943,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00585{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":102,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":102,"packets-processed":101,"total-skipped-flows":0,"total-l4-payload-len":5565,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":98,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":98,"total-idle-flows":97,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":477,"global_ts_usec":1685860258822121} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":102,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":99,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685860258822121,"flow_src_last_pkt_time":1685860258822121,"flow_dst_last_pkt_time":1685860258822121,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685860258822121,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"186.112.202.53","src_port":47964,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00644{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":102,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":99,"flow_packet_id":1,"flow_src_last_pkt_time":1685860258822121,"flow_dst_last_pkt_time":1685860258822121,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685860258822121,"pkt":"xmjqc4OdPJTVQTiBCABFCAB+1DEAAO0RqigTnLybunDKNbtcAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":102,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":99,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685860258822121,"flow_src_last_pkt_time":1685860258822121,"flow_dst_last_pkt_time":1685860258822121,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685860258822121,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"186.112.202.53","src_port":47964,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":103,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685852052162325,"flow_src_last_pkt_time":1685852052162325,"flow_dst_last_pkt_time":1685852052162325,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685860258822121,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":33048,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00585{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":103,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":103,"packets-processed":102,"total-skipped-flows":0,"total-l4-payload-len":5663,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":99,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":99,"total-idle-flows":98,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":482,"global_ts_usec":1685863658998957} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":103,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":100,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685863658998957,"flow_src_last_pkt_time":1685863658998957,"flow_dst_last_pkt_time":1685863658998957,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685863658998957,"l3_proto":"ip4","src_ip":"210.12.216.151","dst_ip":"90.145.180.58","src_port":54477,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":103,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":100,"flow_packet_id":1,"flow_src_last_pkt_time":1685863658998957,"flow_dst_last_pkt_time":1685863658998957,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685863658998957,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPkRYDnSDNiXWpG0OtTNAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":103,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":100,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685863658998957,"flow_src_last_pkt_time":1685863658998957,"flow_dst_last_pkt_time":1685863658998957,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685863658998957,"l3_proto":"ip4","src_ip":"210.12.216.151","dst_ip":"90.145.180.58","src_port":54477,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":104,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":99,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685860258822121,"flow_src_last_pkt_time":1685860258822121,"flow_dst_last_pkt_time":1685860258822121,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685863658998957,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"186.112.202.53","src_port":47964,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00587{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":104,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":104,"packets-processed":103,"total-skipped-flows":0,"total-l4-payload-len":5692,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":100,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":100,"total-idle-flows":99,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":487,"global_ts_usec":1685866496459415} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":104,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685866496459415,"flow_src_last_pkt_time":1685866496459415,"flow_dst_last_pkt_time":1685866496459415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685866496459415,"l3_proto":"ip4","src_ip":"70.28.101.252","dst_ip":"90.141.37.56","src_port":52969,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":104,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":101,"flow_packet_id":1,"flow_src_last_pkt_time":1685866496459415,"flow_dst_last_pkt_time":1685866496459415,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685866496459415,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPoRbM9GHGX8Wo0lOM7pAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":104,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685866496459415,"flow_src_last_pkt_time":1685866496459415,"flow_dst_last_pkt_time":1685866496459415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685866496459415,"l3_proto":"ip4","src_ip":"70.28.101.252","dst_ip":"90.141.37.56","src_port":52969,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":105,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":100,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685863658998957,"flow_src_last_pkt_time":1685863658998957,"flow_dst_last_pkt_time":1685863658998957,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685866496459415,"l3_proto":"ip4","src_ip":"210.12.216.151","dst_ip":"90.145.180.58","src_port":54477,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":105,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":105,"packets-processed":104,"total-skipped-flows":0,"total-l4-payload-len":5721,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":101,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":101,"total-idle-flows":100,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":492,"global_ts_usec":1685868922612761} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":105,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685868922612761,"flow_src_last_pkt_time":1685868922612761,"flow_dst_last_pkt_time":1685868922612761,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685868922612761,"l3_proto":"ip4","src_ip":"57.3.49.213","dst_ip":"74.111.203.55","src_port":25820,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":105,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":102,"flow_packet_id":1,"flow_src_last_pkt_time":1685868922612761,"flow_dst_last_pkt_time":1685868922612761,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685868922612761,"pkt":"ipffLU2SPJTVQTiBCABFAAA+wDFAADQRPtU5AzHVSm\/LN2TcAasAKsLmAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":105,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685868922612761,"flow_src_last_pkt_time":1685868922612761,"flow_dst_last_pkt_time":1685868922612761,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685868922612761,"l3_proto":"ip4","src_ip":"57.3.49.213","dst_ip":"74.111.203.55","src_port":25820,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":106,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685866496459415,"flow_src_last_pkt_time":1685866496459415,"flow_dst_last_pkt_time":1685866496459415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685868922612761,"l3_proto":"ip4","src_ip":"70.28.101.252","dst_ip":"90.141.37.56","src_port":52969,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":106,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":103,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685869117973932,"flow_src_last_pkt_time":1685869117973932,"flow_dst_last_pkt_time":1685869117973932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685869117973932,"l3_proto":"ip4","src_ip":"70.193.198.250","dst_ip":"69.109.187.54","src_port":29011,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":106,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":103,"flow_packet_id":1,"flow_src_last_pkt_time":1685869117973932,"flow_dst_last_pkt_time":1685869117973932,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685869117973932,"pkt":"bpHurUgdPJTVQTiBCABFAAA+ZfVAADQRmRxGwcb6RW27NnFTAasAKrZ6AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":106,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":103,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685869117973932,"flow_src_last_pkt_time":1685869117973932,"flow_dst_last_pkt_time":1685869117973932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685869117973932,"l3_proto":"ip4","src_ip":"70.193.198.250","dst_ip":"69.109.187.54","src_port":29011,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":107,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685868922612761,"flow_src_last_pkt_time":1685868922612761,"flow_dst_last_pkt_time":1685868922612761,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685869117973932,"l3_proto":"ip4","src_ip":"57.3.49.213","dst_ip":"74.111.203.55","src_port":25820,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":107,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":107,"packets-processed":106,"total-skipped-flows":0,"total-l4-payload-len":5789,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":103,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":103,"total-idle-flows":102,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":501,"global_ts_usec":1685869695331980} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":107,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685869695331980,"flow_src_last_pkt_time":1685869695331980,"flow_dst_last_pkt_time":1685869695331980,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685869695331980,"l3_proto":"ip4","src_ip":"87.0.217.242","dst_ip":"85.111.52.57","src_port":54220,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":107,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":104,"flow_packet_id":1,"flow_src_last_pkt_time":1685869695331980,"flow_dst_last_pkt_time":1685869695331980,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685869695331980,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+88RAADQRC1FXANnyVW80OdPMAasAKlQFAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":107,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685869695331980,"flow_src_last_pkt_time":1685869695331980,"flow_dst_last_pkt_time":1685869695331980,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685869695331980,"l3_proto":"ip4","src_ip":"87.0.217.242","dst_ip":"85.111.52.57","src_port":54220,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":108,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":103,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685869117973932,"flow_src_last_pkt_time":1685869117973932,"flow_dst_last_pkt_time":1685869117973932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685869695331980,"l3_proto":"ip4","src_ip":"70.193.198.250","dst_ip":"69.109.187.54","src_port":29011,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":108,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":105,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870241871015,"flow_src_last_pkt_time":1685870241871015,"flow_dst_last_pkt_time":1685870241871015,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870241871015,"l3_proto":"ip4","src_ip":"54.251.198.222","dst_ip":"165.144.84.62","src_port":40998,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":108,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":105,"flow_packet_id":1,"flow_src_last_pkt_time":1685870241871015,"flow_dst_last_pkt_time":1685870241871015,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685870241871015,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+NXBAADQRyYU2+8bepZBUPqAmAasAKoeLAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01076{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":108,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":105,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870241871015,"flow_src_last_pkt_time":1685870241871015,"flow_dst_last_pkt_time":1685870241871015,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870241871015,"l3_proto":"ip4","src_ip":"54.251.198.222","dst_ip":"165.144.84.62","src_port":40998,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":109,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685869695331980,"flow_src_last_pkt_time":1685869695331980,"flow_dst_last_pkt_time":1685869695331980,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870241871015,"l3_proto":"ip4","src_ip":"87.0.217.242","dst_ip":"85.111.52.57","src_port":54220,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":109,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":109,"packets-processed":108,"total-skipped-flows":0,"total-l4-payload-len":5857,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":105,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":105,"total-idle-flows":104,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":510,"global_ts_usec":1685870479493725} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":109,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":106,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870479493725,"flow_src_last_pkt_time":1685870479493725,"flow_dst_last_pkt_time":1685870479493725,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870479493725,"l3_proto":"ip4","src_ip":"87.39.57.211","dst_ip":"90.141.37.56","src_port":42486,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":109,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":106,"flow_packet_id":1,"flow_src_last_pkt_time":1685870479493725,"flow_dst_last_pkt_time":1685870479493725,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685870479493725,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+4zlAADQRG81XJznTWo0lOKX2AasAKoHMAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":109,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":106,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870479493725,"flow_src_last_pkt_time":1685870479493725,"flow_dst_last_pkt_time":1685870479493725,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870479493725,"l3_proto":"ip4","src_ip":"87.39.57.211","dst_ip":"90.141.37.56","src_port":42486,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":110,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":105,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870241871015,"flow_src_last_pkt_time":1685870241871015,"flow_dst_last_pkt_time":1685870241871015,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870479493725,"l3_proto":"ip4","src_ip":"54.251.198.222","dst_ip":"165.144.84.62","src_port":40998,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":110,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":107,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870701070559,"flow_src_last_pkt_time":1685870701070559,"flow_dst_last_pkt_time":1685870701070559,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870701070559,"l3_proto":"ip4","src_ip":"88.219.46.235","dst_ip":"90.147.171.51","src_port":7636,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":110,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":107,"flow_packet_id":1,"flow_src_last_pkt_time":1685870701070559,"flow_dst_last_pkt_time":1685870701070559,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685870701070559,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+HQ1AADQR4htY2y7rWpOrMx3UAasAKgoRAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":110,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":107,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870701070559,"flow_src_last_pkt_time":1685870701070559,"flow_dst_last_pkt_time":1685870701070559,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870701070559,"l3_proto":"ip4","src_ip":"88.219.46.235","dst_ip":"90.147.171.51","src_port":7636,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":111,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":106,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870479493725,"flow_src_last_pkt_time":1685870479493725,"flow_dst_last_pkt_time":1685870479493725,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870701070559,"l3_proto":"ip4","src_ip":"87.39.57.211","dst_ip":"90.141.37.56","src_port":42486,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":111,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870800640514,"flow_src_last_pkt_time":1685870800640514,"flow_dst_last_pkt_time":1685870800640514,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870800640514,"l3_proto":"ip4","src_ip":"173.241.63.36","dst_ip":"74.111.203.55","src_port":56717,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":111,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":108,"flow_packet_id":1,"flow_src_last_pkt_time":1685870800640514,"flow_dst_last_pkt_time":1685870800640514,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685870800640514,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPkRX4Kt8T8kSm\/LN92NAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":111,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870800640514,"flow_src_last_pkt_time":1685870800640514,"flow_dst_last_pkt_time":1685870800640514,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870800640514,"l3_proto":"ip4","src_ip":"173.241.63.36","dst_ip":"74.111.203.55","src_port":56717,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":112,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":107,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870701070559,"flow_src_last_pkt_time":1685870701070559,"flow_dst_last_pkt_time":1685870701070559,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870800640514,"l3_proto":"ip4","src_ip":"88.219.46.235","dst_ip":"90.147.171.51","src_port":7636,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":112,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870915573371,"flow_src_last_pkt_time":1685870915573371,"flow_dst_last_pkt_time":1685870915573371,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870915573371,"l3_proto":"ip4","src_ip":"167.57.49.219","dst_ip":"90.111.212.50","src_port":49798,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":112,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":109,"flow_packet_id":1,"flow_src_last_pkt_time":1685870915573371,"flow_dst_last_pkt_time":1685870915573371,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685870915573371,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+RIhAADQRununOTHbWm\/UMsKGAasAKmU5AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":112,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870915573371,"flow_src_last_pkt_time":1685870915573371,"flow_dst_last_pkt_time":1685870915573371,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870915573371,"l3_proto":"ip4","src_ip":"167.57.49.219","dst_ip":"90.111.212.50","src_port":49798,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":113,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":107,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870701070559,"flow_src_last_pkt_time":1685870701070559,"flow_dst_last_pkt_time":1685870701070559,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870915573371,"l3_proto":"ip4","src_ip":"88.219.46.235","dst_ip":"90.147.171.51","src_port":7636,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":113,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870800640514,"flow_src_last_pkt_time":1685870800640514,"flow_dst_last_pkt_time":1685870800640514,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870915573371,"l3_proto":"ip4","src_ip":"173.241.63.36","dst_ip":"74.111.203.55","src_port":56717,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":113,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":110,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685871075034933,"flow_src_last_pkt_time":1685871075034933,"flow_dst_last_pkt_time":1685871075034933,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871075034933,"l3_proto":"ip4","src_ip":"168.222.38.193","dst_ip":"186.112.202.53","src_port":38055,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":113,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":110,"flow_packet_id":1,"flow_src_last_pkt_time":1685871075034933,"flow_dst_last_pkt_time":1685871075034933,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685871075034933,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+6TZAADQRFbao3ibBunDKNZSnAasAKpMBAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":113,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":110,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685871075034933,"flow_src_last_pkt_time":1685871075034933,"flow_dst_last_pkt_time":1685871075034933,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871075034933,"l3_proto":"ip4","src_ip":"168.222.38.193","dst_ip":"186.112.202.53","src_port":38055,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":114,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870800640514,"flow_src_last_pkt_time":1685870800640514,"flow_dst_last_pkt_time":1685870800640514,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871075034933,"l3_proto":"ip4","src_ip":"173.241.63.36","dst_ip":"74.111.203.55","src_port":56717,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":114,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870915573371,"flow_src_last_pkt_time":1685870915573371,"flow_dst_last_pkt_time":1685870915573371,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871075034933,"l3_proto":"ip4","src_ip":"167.57.49.219","dst_ip":"90.111.212.50","src_port":49798,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":114,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":114,"packets-processed":113,"total-skipped-flows":0,"total-l4-payload-len":6022,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":110,"total-detection-updates":0,"total-updates":23,"current-active-flows":2,"total-active-flows":110,"total-idle-flows":108,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":533,"global_ts_usec":1685871093262888} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":114,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685871093262888,"flow_src_last_pkt_time":1685871093262888,"flow_dst_last_pkt_time":1685871093262888,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871093262888,"l3_proto":"ip4","src_ip":"46.204.255.75","dst_ip":"165.144.84.62","src_port":55098,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":114,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":111,"flow_packet_id":1,"flow_src_last_pkt_time":1685871093262888,"flow_dst_last_pkt_time":1685871093262888,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685871093262888,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXosuzP9LpZBUPtc6AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":114,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685871093262888,"flow_src_last_pkt_time":1685871093262888,"flow_dst_last_pkt_time":1685871093262888,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871093262888,"l3_proto":"ip4","src_ip":"46.204.255.75","dst_ip":"165.144.84.62","src_port":55098,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":115,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":112,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685871237861116,"flow_src_last_pkt_time":1685871237861116,"flow_dst_last_pkt_time":1685871237861116,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871237861116,"l3_proto":"ip4","src_ip":"88.219.46.235","dst_ip":"90.145.180.58","src_port":44462,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":115,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":112,"flow_packet_id":1,"flow_src_last_pkt_time":1685871237861116,"flow_dst_last_pkt_time":1685871237861116,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685871237861116,"pkt":"bs1PogZtPJTVQTiBCABFAAA+3I1AADQRIpJY2y7rWpG0Oq2uAasAKnotAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":115,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":112,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685871237861116,"flow_src_last_pkt_time":1685871237861116,"flow_dst_last_pkt_time":1685871237861116,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871237861116,"l3_proto":"ip4","src_ip":"88.219.46.235","dst_ip":"90.145.180.58","src_port":44462,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":116,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870915573371,"flow_src_last_pkt_time":1685870915573371,"flow_dst_last_pkt_time":1685870915573371,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871237861116,"l3_proto":"ip4","src_ip":"167.57.49.219","dst_ip":"90.111.212.50","src_port":49798,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01114{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":116,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":110,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685871075034933,"flow_src_last_pkt_time":1685871075034933,"flow_dst_last_pkt_time":1685871075034933,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871237861116,"l3_proto":"ip4","src_ip":"168.222.38.193","dst_ip":"186.112.202.53","src_port":38055,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":116,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685871093262888,"flow_src_last_pkt_time":1685871093262888,"flow_dst_last_pkt_time":1685871093262888,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871237861116,"l3_proto":"ip4","src_ip":"46.204.255.75","dst_ip":"165.144.84.62","src_port":55098,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":116,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":116,"packets-processed":115,"total-skipped-flows":0,"total-l4-payload-len":6085,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":112,"total-detection-updates":0,"total-updates":25,"current-active-flows":3,"total-active-flows":112,"total-idle-flows":109,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":543,"global_ts_usec":1685872555023942} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":116,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685872555023942,"flow_src_last_pkt_time":1685872555023942,"flow_dst_last_pkt_time":1685872555023942,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685872555023942,"l3_proto":"ip4","src_ip":"167.57.49.219","dst_ip":"165.114.202.61","src_port":62479,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":116,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":113,"flow_packet_id":1,"flow_src_last_pkt_time":1685872555023942,"flow_dst_last_pkt_time":1685872555023942,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685872555023942,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+aWdAADQRlZGnOTHbpXLKPfQPAasAKjOlAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":116,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685872555023942,"flow_src_last_pkt_time":1685872555023942,"flow_dst_last_pkt_time":1685872555023942,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685872555023942,"l3_proto":"ip4","src_ip":"167.57.49.219","dst_ip":"165.114.202.61","src_port":62479,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":117,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":112,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685871237861116,"flow_src_last_pkt_time":1685871237861116,"flow_dst_last_pkt_time":1685871237861116,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685872555023942,"l3_proto":"ip4","src_ip":"88.219.46.235","dst_ip":"90.145.180.58","src_port":44462,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":117,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":110,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685871075034933,"flow_src_last_pkt_time":1685871075034933,"flow_dst_last_pkt_time":1685871075034933,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685872555023942,"l3_proto":"ip4","src_ip":"168.222.38.193","dst_ip":"186.112.202.53","src_port":38055,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":117,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685871093262888,"flow_src_last_pkt_time":1685871093262888,"flow_dst_last_pkt_time":1685871093262888,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685872555023942,"l3_proto":"ip4","src_ip":"46.204.255.75","dst_ip":"165.144.84.62","src_port":55098,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":117,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685872858284372,"flow_src_last_pkt_time":1685872858284372,"flow_dst_last_pkt_time":1685872858284372,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685872858284372,"l3_proto":"ip4","src_ip":"83.14.224.14","dst_ip":"165.114.202.61","src_port":55733,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":117,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":114,"flow_packet_id":1,"flow_src_last_pkt_time":1685872858284372,"flow_dst_last_pkt_time":1685872858284372,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685872858284372,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXklTDuAOpXLKPdm1AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":117,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685872858284372,"flow_src_last_pkt_time":1685872858284372,"flow_dst_last_pkt_time":1685872858284372,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685872858284372,"l3_proto":"ip4","src_ip":"83.14.224.14","dst_ip":"165.114.202.61","src_port":55733,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":118,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685872555023942,"flow_src_last_pkt_time":1685872555023942,"flow_dst_last_pkt_time":1685872555023942,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685872858284372,"l3_proto":"ip4","src_ip":"167.57.49.219","dst_ip":"165.114.202.61","src_port":62479,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":118,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":118,"packets-processed":117,"total-skipped-flows":0,"total-l4-payload-len":6148,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":114,"total-detection-updates":0,"total-updates":25,"current-active-flows":1,"total-active-flows":114,"total-idle-flows":113,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":554,"global_ts_usec":1685882198118291} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":118,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685882198118291,"flow_src_last_pkt_time":1685882198118291,"flow_dst_last_pkt_time":1685882198118291,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685882198118291,"l3_proto":"ip4","src_ip":"159.60.180.118","dst_ip":"69.109.187.54","src_port":43688,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":118,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":115,"flow_packet_id":1,"flow_src_last_pkt_time":1685882198118291,"flow_dst_last_pkt_time":1685882198118291,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685882198118291,"pkt":"bpHurUgdPJTVQTiBCABFCABLT4kAACIReyefPLR2RW27NqqoAasAN3ciAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":118,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685882198118291,"flow_src_last_pkt_time":1685882198118291,"flow_dst_last_pkt_time":1685882198118291,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685882198118291,"l3_proto":"ip4","src_ip":"159.60.180.118","dst_ip":"69.109.187.54","src_port":43688,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685872858284372,"flow_src_last_pkt_time":1685872858284372,"flow_dst_last_pkt_time":1685872858284372,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685882198118291,"l3_proto":"ip4","src_ip":"83.14.224.14","dst_ip":"165.114.202.61","src_port":55733,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":119,"packets-processed":118,"total-skipped-flows":0,"total-l4-payload-len":6195,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":115,"total-detection-updates":0,"total-updates":25,"current-active-flows":1,"total-active-flows":115,"total-idle-flows":114,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":559,"global_ts_usec":1685890136540249} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685890136540249,"flow_src_last_pkt_time":1685890136540249,"flow_dst_last_pkt_time":1685890136540249,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685890136540249,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.147.171.51","src_port":38375,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":116,"flow_packet_id":1,"flow_src_last_pkt_time":1685890136540249,"flow_dst_last_pkt_time":1685890136540249,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685890136540249,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAOsREhCGtJCVWpOrM5XnAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685890136540249,"flow_src_last_pkt_time":1685890136540249,"flow_dst_last_pkt_time":1685890136540249,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685890136540249,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.147.171.51","src_port":38375,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":120,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685882198118291,"flow_src_last_pkt_time":1685882198118291,"flow_dst_last_pkt_time":1685882198118291,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685890136540249,"l3_proto":"ip4","src_ip":"159.60.180.118","dst_ip":"69.109.187.54","src_port":43688,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":120,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":120,"packets-processed":119,"total-skipped-flows":0,"total-l4-payload-len":6293,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":116,"total-detection-updates":0,"total-updates":25,"current-active-flows":1,"total-active-flows":116,"total-idle-flows":115,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":564,"global_ts_usec":1685893050953648} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":120,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685893050953648,"flow_src_last_pkt_time":1685893050953648,"flow_dst_last_pkt_time":1685893050953648,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685893050953648,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.141.37.56","src_port":52853,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":120,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":117,"flow_packet_id":1,"flow_src_last_pkt_time":1685893050953648,"flow_dst_last_pkt_time":1685893050953648,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685893050953648,"pkt":"3jHC4dyOPJTVQTiBCABFCAB+1DEAAOsREgqGtJCVWo0lOM51AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":120,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685893050953648,"flow_src_last_pkt_time":1685893050953648,"flow_dst_last_pkt_time":1685893050953648,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685893050953648,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.141.37.56","src_port":52853,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":121,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685890136540249,"flow_src_last_pkt_time":1685890136540249,"flow_dst_last_pkt_time":1685890136540249,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685893050953648,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.147.171.51","src_port":38375,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":121,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":121,"packets-processed":120,"total-skipped-flows":0,"total-l4-payload-len":6391,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":117,"total-detection-updates":0,"total-updates":25,"current-active-flows":1,"total-active-flows":117,"total-idle-flows":116,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":569,"global_ts_usec":1685894881323596} +00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":121,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685894881323596,"flow_src_last_pkt_time":1685894881323596,"flow_dst_last_pkt_time":1685894881323596,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685894881323596,"l3_proto":"ip4","src_ip":"239.100.141.153","dst_ip":"165.114.202.61","src_port":53222,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":121,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":118,"flow_packet_id":1,"flow_src_last_pkt_time":1685894881323596,"flow_dst_last_pkt_time":1685894881323596,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685894881323596,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpSrvZI2ZpXLKPc\/mAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":121,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685894881323596,"flow_src_last_pkt_time":1685894881323596,"flow_dst_last_pkt_time":1685894881323596,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685894881323596,"l3_proto":"ip4","src_ip":"239.100.141.153","dst_ip":"165.114.202.61","src_port":53222,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":122,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685893050953648,"flow_src_last_pkt_time":1685893050953648,"flow_dst_last_pkt_time":1685893050953648,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685894881323596,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.141.37.56","src_port":52853,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":122,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":122,"packets-processed":121,"total-skipped-flows":0,"total-l4-payload-len":6489,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":118,"total-detection-updates":0,"total-updates":25,"current-active-flows":1,"total-active-flows":118,"total-idle-flows":117,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":574,"global_ts_usec":1685895935303589} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":122,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685895935303589,"flow_src_last_pkt_time":1685895935303589,"flow_dst_last_pkt_time":1685895935303589,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685895935303589,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"90.111.212.50","src_port":34238,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":122,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":119,"flow_packet_id":1,"flow_src_last_pkt_time":1685895935303589,"flow_dst_last_pkt_time":1685895935303589,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685895935303589,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAO0RqiQtY5KSWm\/UMoW+AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":122,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685895935303589,"flow_src_last_pkt_time":1685895935303589,"flow_dst_last_pkt_time":1685895935303589,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685895935303589,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"90.111.212.50","src_port":34238,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":123,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685894881323596,"flow_src_last_pkt_time":1685894881323596,"flow_dst_last_pkt_time":1685894881323596,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685895935303589,"l3_proto":"ip4","src_ip":"239.100.141.153","dst_ip":"165.114.202.61","src_port":53222,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":123,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":120,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685896082620616,"flow_src_last_pkt_time":1685896082620616,"flow_dst_last_pkt_time":1685896082620616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685896082620616,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.144.84.62","src_port":60043,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":123,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":120,"flow_packet_id":1,"flow_src_last_pkt_time":1685896082620616,"flow_dst_last_pkt_time":1685896082620616,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685896082620616,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAO0RD\/62tHiLpZBUPuqLAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":123,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":120,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685896082620616,"flow_src_last_pkt_time":1685896082620616,"flow_dst_last_pkt_time":1685896082620616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685896082620616,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.144.84.62","src_port":60043,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":124,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685895935303589,"flow_src_last_pkt_time":1685895935303589,"flow_dst_last_pkt_time":1685895935303589,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685896082620616,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"90.111.212.50","src_port":34238,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":124,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":124,"packets-processed":123,"total-skipped-flows":0,"total-l4-payload-len":6685,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":120,"total-detection-updates":0,"total-updates":26,"current-active-flows":2,"total-active-flows":120,"total-idle-flows":118,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":583,"global_ts_usec":1685898155508793} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":124,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685898155508793,"flow_src_last_pkt_time":1685898155508793,"flow_dst_last_pkt_time":1685898155508793,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685898155508793,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"74.111.203.55","src_port":55816,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":124,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":121,"flow_packet_id":1,"flow_src_last_pkt_time":1685898155508793,"flow_dst_last_pkt_time":1685898155508793,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685898155508793,"pkt":"ipffLU2SPJTVQTiBCABFCAB+1DEAAO0RqiIuZGGTSm\/LN9oIAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":124,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685898155508793,"flow_src_last_pkt_time":1685898155508793,"flow_dst_last_pkt_time":1685898155508793,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685898155508793,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"74.111.203.55","src_port":55816,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":125,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":120,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685896082620616,"flow_src_last_pkt_time":1685896082620616,"flow_dst_last_pkt_time":1685896082620616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685898155508793,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.144.84.62","src_port":60043,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":125,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685895935303589,"flow_src_last_pkt_time":1685895935303589,"flow_dst_last_pkt_time":1685895935303589,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685898155508793,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"90.111.212.50","src_port":34238,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":125,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":125,"packets-processed":124,"total-skipped-flows":0,"total-l4-payload-len":6783,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":121,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":121,"total-idle-flows":120,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":589,"global_ts_usec":1685900239002858} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":125,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685900239002858,"flow_src_last_pkt_time":1685900239002858,"flow_dst_last_pkt_time":1685900239002858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685900239002858,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"69.109.187.54","src_port":47805,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":125,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":122,"flow_packet_id":1,"flow_src_last_pkt_time":1685900239002858,"flow_dst_last_pkt_time":1685900239002858,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685900239002858,"pkt":"bpHurUgdPJTVQTiBCABFAAB+1DEAAPMRpTIve7GaRW27Nrq9AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":125,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685900239002858,"flow_src_last_pkt_time":1685900239002858,"flow_dst_last_pkt_time":1685900239002858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685900239002858,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"69.109.187.54","src_port":47805,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":126,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685898155508793,"flow_src_last_pkt_time":1685898155508793,"flow_dst_last_pkt_time":1685898155508793,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685900239002858,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"74.111.203.55","src_port":55816,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":126,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":123,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685900274127763,"flow_src_last_pkt_time":1685900274127763,"flow_dst_last_pkt_time":1685900274127763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685900274127763,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.145.180.58","src_port":51113,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":126,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":123,"flow_packet_id":1,"flow_src_last_pkt_time":1685900274127763,"flow_dst_last_pkt_time":1685900274127763,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685900274127763,"pkt":"bs1PogZtPJTVQTiBCABFAAB+1DEAAPIRCw+GtJCVWpG0OsepAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":126,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":123,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685900274127763,"flow_src_last_pkt_time":1685900274127763,"flow_dst_last_pkt_time":1685900274127763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685900274127763,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.145.180.58","src_port":51113,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":127,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":124,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685900456106642,"flow_src_last_pkt_time":1685900456106642,"flow_dst_last_pkt_time":1685900456106642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685900456106642,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"186.112.202.53","src_port":39226,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":127,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":124,"flow_packet_id":1,"flow_src_last_pkt_time":1685900456106642,"flow_dst_last_pkt_time":1685900456106642,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685900456106642,"pkt":"xmjqc4OdPJTVQTiBCABFAAB+1DEAAPARDM5GtG\/xunDKNZk6AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":127,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":124,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685900456106642,"flow_src_last_pkt_time":1685900456106642,"flow_dst_last_pkt_time":1685900456106642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685900456106642,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"186.112.202.53","src_port":39226,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":128,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685900239002858,"flow_src_last_pkt_time":1685900239002858,"flow_dst_last_pkt_time":1685900239002858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685900456106642,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"69.109.187.54","src_port":47805,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":128,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":123,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685900274127763,"flow_src_last_pkt_time":1685900274127763,"flow_dst_last_pkt_time":1685900274127763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685900456106642,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.145.180.58","src_port":51113,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":128,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":128,"packets-processed":127,"total-skipped-flows":0,"total-l4-payload-len":7077,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":124,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":124,"total-idle-flows":123,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":602,"global_ts_usec":1685915408138503} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":128,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685915408138503,"flow_src_last_pkt_time":1685915408138503,"flow_dst_last_pkt_time":1685915408138503,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685915408138503,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":9681,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":128,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":125,"flow_packet_id":1,"flow_src_last_pkt_time":1685915408138503,"flow_dst_last_pkt_time":1685915408138503,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685915408138503,"pkt":"AAwp30Y4PJTVQTiBCABFCABLkhwAACIROIkjAGRzpZBUPiXRAasAN\/vuAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":128,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685915408138503,"flow_src_last_pkt_time":1685915408138503,"flow_dst_last_pkt_time":1685915408138503,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685915408138503,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":9681,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":129,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":124,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685900456106642,"flow_src_last_pkt_time":1685900456106642,"flow_dst_last_pkt_time":1685900456106642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685915408138503,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"186.112.202.53","src_port":39226,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":129,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685915597923295,"flow_src_last_pkt_time":1685915597923295,"flow_dst_last_pkt_time":1685915597923295,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685915597923295,"l3_proto":"ip4","src_ip":"226.158.252.127","dst_ip":"74.111.203.55","src_port":24595,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":129,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":126,"flow_packet_id":1,"flow_src_last_pkt_time":1685915597923295,"flow_dst_last_pkt_time":1685915597923295,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685915597923295,"pkt":"ipffLU2SPJTVQTiBCABFAABLM0cAACcRn97invx\/Sm\/LN2ATAasAN88kAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":129,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685915597923295,"flow_src_last_pkt_time":1685915597923295,"flow_dst_last_pkt_time":1685915597923295,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685915597923295,"l3_proto":"ip4","src_ip":"226.158.252.127","dst_ip":"74.111.203.55","src_port":24595,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":130,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685915408138503,"flow_src_last_pkt_time":1685915408138503,"flow_dst_last_pkt_time":1685915408138503,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685915597923295,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":9681,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":130,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":130,"packets-processed":129,"total-skipped-flows":0,"total-l4-payload-len":7171,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":126,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":126,"total-idle-flows":125,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":611,"global_ts_usec":1685918860009356} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":130,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":127,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685918860009356,"flow_src_last_pkt_time":1685918860009356,"flow_dst_last_pkt_time":1685918860009356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685918860009356,"l3_proto":"ip4","src_ip":"66.24.225.77","dst_ip":"74.111.203.55","src_port":56086,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":130,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":127,"flow_packet_id":1,"flow_src_last_pkt_time":1685918860009356,"flow_dst_last_pkt_time":1685918860009356,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685918860009356,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPkRbX1CGOFNSm\/LN9sWAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":130,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":127,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685918860009356,"flow_src_last_pkt_time":1685918860009356,"flow_dst_last_pkt_time":1685918860009356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685918860009356,"l3_proto":"ip4","src_ip":"66.24.225.77","dst_ip":"74.111.203.55","src_port":56086,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":131,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685915597923295,"flow_src_last_pkt_time":1685915597923295,"flow_dst_last_pkt_time":1685915597923295,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685918860009356,"l3_proto":"ip4","src_ip":"226.158.252.127","dst_ip":"74.111.203.55","src_port":24595,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":131,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":131,"packets-processed":130,"total-skipped-flows":0,"total-l4-payload-len":7200,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":127,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":127,"total-idle-flows":126,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":616,"global_ts_usec":1685919707980290} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":131,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685919707980290,"flow_src_last_pkt_time":1685919707980290,"flow_dst_last_pkt_time":1685919707980290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685919707980290,"l3_proto":"ip4","src_ip":"83.14.224.14","dst_ip":"90.145.180.58","src_port":49307,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":131,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":128,"flow_packet_id":1,"flow_src_last_pkt_time":1685919707980290,"flow_dst_last_pkt_time":1685919707980290,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685919707980290,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPkRX0xTDuAOWpG0OsCbAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":131,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685919707980290,"flow_src_last_pkt_time":1685919707980290,"flow_dst_last_pkt_time":1685919707980290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685919707980290,"l3_proto":"ip4","src_ip":"83.14.224.14","dst_ip":"90.145.180.58","src_port":49307,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":132,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":127,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685918860009356,"flow_src_last_pkt_time":1685918860009356,"flow_dst_last_pkt_time":1685918860009356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685919707980290,"l3_proto":"ip4","src_ip":"66.24.225.77","dst_ip":"74.111.203.55","src_port":56086,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":132,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":132,"packets-processed":131,"total-skipped-flows":0,"total-l4-payload-len":7229,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":128,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":128,"total-idle-flows":127,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":621,"global_ts_usec":1685923909350319} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":132,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685923909350319,"flow_src_last_pkt_time":1685923909350319,"flow_dst_last_pkt_time":1685923909350319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685923909350319,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.141.37.56","src_port":44099,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":132,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":129,"flow_packet_id":1,"flow_src_last_pkt_time":1685923909350319,"flow_dst_last_pkt_time":1685923909350319,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685923909350319,"pkt":"3jHC4dyOPJTVQTiBCABFAABLfvwAACcRVCBiZ\/1zWo0lOKxDAasAN4LrAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":132,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685923909350319,"flow_src_last_pkt_time":1685923909350319,"flow_dst_last_pkt_time":1685923909350319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685923909350319,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.141.37.56","src_port":44099,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":133,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685919707980290,"flow_src_last_pkt_time":1685919707980290,"flow_dst_last_pkt_time":1685919707980290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685923909350319,"l3_proto":"ip4","src_ip":"83.14.224.14","dst_ip":"90.145.180.58","src_port":49307,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":133,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":133,"packets-processed":132,"total-skipped-flows":0,"total-l4-payload-len":7276,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":129,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":129,"total-idle-flows":128,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":626,"global_ts_usec":1685927801125774} +00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":133,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685927801125774,"flow_src_last_pkt_time":1685927801125774,"flow_dst_last_pkt_time":1685927801125774,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685927801125774,"l3_proto":"ip4","src_ip":"226.128.122.118","dst_ip":"165.114.202.61","src_port":29946,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":133,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":130,"flow_packet_id":1,"flow_src_last_pkt_time":1685927801125774,"flow_dst_last_pkt_time":1685927801125774,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685927801125774,"pkt":"AAwp30Y4PJTVQTiBCABFAABLN1kAACcRm8DigHp2pXLKPXT6AasAN7oxAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":133,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685927801125774,"flow_src_last_pkt_time":1685927801125774,"flow_dst_last_pkt_time":1685927801125774,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685927801125774,"l3_proto":"ip4","src_ip":"226.128.122.118","dst_ip":"165.114.202.61","src_port":29946,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":134,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685923909350319,"flow_src_last_pkt_time":1685923909350319,"flow_dst_last_pkt_time":1685923909350319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685927801125774,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.141.37.56","src_port":44099,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":134,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":134,"packets-processed":133,"total-skipped-flows":0,"total-l4-payload-len":7323,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":130,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":130,"total-idle-flows":129,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":631,"global_ts_usec":1685929607649688} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":134,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685929607649688,"flow_src_last_pkt_time":1685929607649688,"flow_dst_last_pkt_time":1685929607649688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685929607649688,"l3_proto":"ip4","src_ip":"64.63.219.226","dst_ip":"90.147.171.51","src_port":57092,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":134,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":131,"flow_packet_id":1,"flow_src_last_pkt_time":1685929607649688,"flow_dst_last_pkt_time":1685929607649688,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685929607649688,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+dqxAADQRKhJAP9viWpOrM98EAasAKup1AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":134,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685929607649688,"flow_src_last_pkt_time":1685929607649688,"flow_dst_last_pkt_time":1685929607649688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685929607649688,"l3_proto":"ip4","src_ip":"64.63.219.226","dst_ip":"90.147.171.51","src_port":57092,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":135,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685927801125774,"flow_src_last_pkt_time":1685927801125774,"flow_dst_last_pkt_time":1685927801125774,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685929607649688,"l3_proto":"ip4","src_ip":"226.128.122.118","dst_ip":"165.114.202.61","src_port":29946,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":135,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":135,"packets-processed":134,"total-skipped-flows":0,"total-l4-payload-len":7357,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":131,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":131,"total-idle-flows":130,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":636,"global_ts_usec":1685930408325419} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":135,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685930408325419,"flow_src_last_pkt_time":1685930408325419,"flow_dst_last_pkt_time":1685930408325419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685930408325419,"l3_proto":"ip4","src_ip":"160.184.203.250","dst_ip":"74.111.203.55","src_port":41825,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":135,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":132,"flow_packet_id":1,"flow_src_last_pkt_time":1685930408325419,"flow_dst_last_pkt_time":1685930408325419,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685930408325419,"pkt":"ipffLU2SPJTVQTiBCABFAAA+RodAADQRWiiguMv6Sm\/LN6NhAasAKiYKAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":135,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685930408325419,"flow_src_last_pkt_time":1685930408325419,"flow_dst_last_pkt_time":1685930408325419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685930408325419,"l3_proto":"ip4","src_ip":"160.184.203.250","dst_ip":"74.111.203.55","src_port":41825,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":136,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685929607649688,"flow_src_last_pkt_time":1685929607649688,"flow_dst_last_pkt_time":1685929607649688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685930408325419,"l3_proto":"ip4","src_ip":"64.63.219.226","dst_ip":"90.147.171.51","src_port":57092,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":136,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685930521950503,"flow_src_last_pkt_time":1685930521950503,"flow_dst_last_pkt_time":1685930521950503,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685930521950503,"l3_proto":"ip4","src_ip":"64.63.219.226","dst_ip":"165.114.202.61","src_port":57092,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":136,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":133,"flow_packet_id":1,"flow_src_last_pkt_time":1685930521950503,"flow_dst_last_pkt_time":1685930521950503,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685930521950503,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+FB1AADQRjJVAP9vipXLKPd8EAasAKuppAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":136,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685930521950503,"flow_src_last_pkt_time":1685930521950503,"flow_dst_last_pkt_time":1685930521950503,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685930521950503,"l3_proto":"ip4","src_ip":"64.63.219.226","dst_ip":"165.114.202.61","src_port":57092,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01114{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":137,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685930408325419,"flow_src_last_pkt_time":1685930408325419,"flow_dst_last_pkt_time":1685930408325419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685930521950503,"l3_proto":"ip4","src_ip":"160.184.203.250","dst_ip":"74.111.203.55","src_port":41825,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":137,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":137,"packets-processed":136,"total-skipped-flows":0,"total-l4-payload-len":7425,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":133,"total-detection-updates":0,"total-updates":27,"current-active-flows":2,"total-active-flows":133,"total-idle-flows":131,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":645,"global_ts_usec":1685931213042208} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":137,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931213042208,"flow_src_last_pkt_time":1685931213042208,"flow_dst_last_pkt_time":1685931213042208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931213042208,"l3_proto":"ip4","src_ip":"64.71.218.224","dst_ip":"85.111.52.57","src_port":20366,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":137,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":134,"flow_packet_id":1,"flow_src_last_pkt_time":1685931213042208,"flow_dst_last_pkt_time":1685931213042208,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685931213042208,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+edhAADQRJt1AR9rgVW80OU+OAasAKnnjAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":137,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931213042208,"flow_src_last_pkt_time":1685931213042208,"flow_dst_last_pkt_time":1685931213042208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931213042208,"l3_proto":"ip4","src_ip":"64.71.218.224","dst_ip":"85.111.52.57","src_port":20366,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":138,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685930521950503,"flow_src_last_pkt_time":1685930521950503,"flow_dst_last_pkt_time":1685930521950503,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931213042208,"l3_proto":"ip4","src_ip":"64.63.219.226","dst_ip":"165.114.202.61","src_port":57092,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":138,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685930408325419,"flow_src_last_pkt_time":1685930408325419,"flow_dst_last_pkt_time":1685930408325419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931213042208,"l3_proto":"ip4","src_ip":"160.184.203.250","dst_ip":"74.111.203.55","src_port":41825,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":138,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931328327343,"flow_src_last_pkt_time":1685931328327343,"flow_dst_last_pkt_time":1685931328327343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931328327343,"l3_proto":"ip4","src_ip":"64.65.52.246","dst_ip":"165.144.84.62","src_port":10179,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":138,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":135,"flow_packet_id":1,"flow_src_last_pkt_time":1685931328327343,"flow_dst_last_pkt_time":1685931328327343,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685931328327343,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+pR9AADQR+4tAQTT2pZBUPifDAasAKqGkAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":138,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931328327343,"flow_src_last_pkt_time":1685931328327343,"flow_dst_last_pkt_time":1685931328327343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931328327343,"l3_proto":"ip4","src_ip":"64.65.52.246","dst_ip":"165.144.84.62","src_port":10179,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":139,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931213042208,"flow_src_last_pkt_time":1685931213042208,"flow_dst_last_pkt_time":1685931213042208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931328327343,"l3_proto":"ip4","src_ip":"64.71.218.224","dst_ip":"85.111.52.57","src_port":20366,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":139,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931339492549,"flow_src_last_pkt_time":1685931339492549,"flow_dst_last_pkt_time":1685931339492549,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931339492549,"l3_proto":"ip4","src_ip":"64.63.219.226","dst_ip":"90.141.37.56","src_port":10207,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":139,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":136,"flow_packet_id":1,"flow_src_last_pkt_time":1685931339492549,"flow_dst_last_pkt_time":1685931339492549,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685931339492549,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+3uVAADQRwdJAP9viWo0lOCffAasAKqGVAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":139,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931339492549,"flow_src_last_pkt_time":1685931339492549,"flow_dst_last_pkt_time":1685931339492549,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931339492549,"l3_proto":"ip4","src_ip":"64.63.219.226","dst_ip":"90.141.37.56","src_port":10207,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":140,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931793309466,"flow_src_last_pkt_time":1685931793309466,"flow_dst_last_pkt_time":1685931793309466,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931793309466,"l3_proto":"ip4","src_ip":"161.193.58.225","dst_ip":"186.112.202.53","src_port":64776,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":140,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":137,"flow_packet_id":1,"flow_src_last_pkt_time":1685931793309466,"flow_dst_last_pkt_time":1685931793309466,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685931793309466,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+A11AADQRnVyhwTrhunDKNf0IAasAKsxsAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01077{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":140,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931793309466,"flow_src_last_pkt_time":1685931793309466,"flow_dst_last_pkt_time":1685931793309466,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931793309466,"l3_proto":"ip4","src_ip":"161.193.58.225","dst_ip":"186.112.202.53","src_port":64776,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":141,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931328327343,"flow_src_last_pkt_time":1685931328327343,"flow_dst_last_pkt_time":1685931328327343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931793309466,"l3_proto":"ip4","src_ip":"64.65.52.246","dst_ip":"165.144.84.62","src_port":10179,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":141,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931339492549,"flow_src_last_pkt_time":1685931339492549,"flow_dst_last_pkt_time":1685931339492549,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931793309466,"l3_proto":"ip4","src_ip":"64.63.219.226","dst_ip":"90.141.37.56","src_port":10207,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":141,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931213042208,"flow_src_last_pkt_time":1685931213042208,"flow_dst_last_pkt_time":1685931213042208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931793309466,"l3_proto":"ip4","src_ip":"64.71.218.224","dst_ip":"85.111.52.57","src_port":20366,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":141,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":141,"packets-processed":140,"total-skipped-flows":0,"total-l4-payload-len":7561,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":137,"total-detection-updates":0,"total-updates":28,"current-active-flows":1,"total-active-flows":137,"total-idle-flows":136,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":664,"global_ts_usec":1685932001528402} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":141,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685932001528402,"flow_src_last_pkt_time":1685932001528402,"flow_dst_last_pkt_time":1685932001528402,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685932001528402,"l3_proto":"ip4","src_ip":"65.62.197.248","dst_ip":"69.109.187.54","src_port":45675,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":141,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":138,"flow_packet_id":1,"flow_src_last_pkt_time":1685932001528402,"flow_dst_last_pkt_time":1685932001528402,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685932001528402,"pkt":"bpHurUgdPJTVQTiBCABFAAA++0RAADQRpWtBPsX4RW27NrJrAasAKhcBAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":141,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685932001528402,"flow_src_last_pkt_time":1685932001528402,"flow_dst_last_pkt_time":1685932001528402,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685932001528402,"l3_proto":"ip4","src_ip":"65.62.197.248","dst_ip":"69.109.187.54","src_port":45675,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01116{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931793309466,"flow_src_last_pkt_time":1685931793309466,"flow_dst_last_pkt_time":1685931793309466,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685932001528402,"l3_proto":"ip4","src_ip":"161.193.58.225","dst_ip":"186.112.202.53","src_port":64776,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":142,"packets-processed":141,"total-skipped-flows":0,"total-l4-payload-len":7595,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":138,"total-detection-updates":0,"total-updates":28,"current-active-flows":1,"total-active-flows":138,"total-idle-flows":137,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":669,"global_ts_usec":1685932876135808} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685932876135808,"flow_src_last_pkt_time":1685932876135808,"flow_dst_last_pkt_time":1685932876135808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685932876135808,"l3_proto":"ip4","src_ip":"16.99.147.146","dst_ip":"165.144.84.62","src_port":48728,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":139,"flow_packet_id":1,"flow_src_last_pkt_time":1685932876135808,"flow_dst_last_pkt_time":1685932876135808,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685932876135808,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAPARqBoQY5OSpZBUPr5YAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685932876135808,"flow_src_last_pkt_time":1685932876135808,"flow_dst_last_pkt_time":1685932876135808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685932876135808,"l3_proto":"ip4","src_ip":"16.99.147.146","dst_ip":"165.144.84.62","src_port":48728,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":143,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685932001528402,"flow_src_last_pkt_time":1685932001528402,"flow_dst_last_pkt_time":1685932001528402,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685932876135808,"l3_proto":"ip4","src_ip":"65.62.197.248","dst_ip":"69.109.187.54","src_port":45675,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":143,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":143,"packets-processed":142,"total-skipped-flows":0,"total-l4-payload-len":7693,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":139,"total-detection-updates":0,"total-updates":28,"current-active-flows":1,"total-active-flows":139,"total-idle-flows":138,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":674,"global_ts_usec":1685933841851094} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":143,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685933841851094,"flow_src_last_pkt_time":1685933841851094,"flow_dst_last_pkt_time":1685933841851094,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685933841851094,"l3_proto":"ip4","src_ip":"75.153.126.243","dst_ip":"69.109.187.54","src_port":54378,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":143,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":140,"flow_packet_id":1,"flow_src_last_pkt_time":1685933841851094,"flow_dst_last_pkt_time":1685933841851094,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":98,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":98,"pkt_l4_len":64,"thread_ts_usec":1685933841851094,"pkt":"bpHurUgdPJTVQTiBCABFAABU0ltAADQRvvtLmX7zRW27NtRqAasAQAAAAgEAADggAAAAAGqbAAJlbgAAABdzZXJ2aWNlOmRpcmVjdG9yeS1hZ2VudAAHZGVmYXVsdAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":143,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685933841851094,"flow_src_last_pkt_time":1685933841851094,"flow_dst_last_pkt_time":1685933841851094,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685933841851094,"l3_proto":"ip4","src_ip":"75.153.126.243","dst_ip":"69.109.187.54","src_port":54378,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":144,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685932876135808,"flow_src_last_pkt_time":1685932876135808,"flow_dst_last_pkt_time":1685932876135808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685933841851094,"l3_proto":"ip4","src_ip":"16.99.147.146","dst_ip":"165.144.84.62","src_port":48728,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":144,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685934156732428,"flow_src_last_pkt_time":1685934156732428,"flow_dst_last_pkt_time":1685934156732428,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685934156732428,"l3_proto":"ip4","src_ip":"70.216.186.103","dst_ip":"165.144.84.62","src_port":55880,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":144,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":141,"flow_packet_id":1,"flow_src_last_pkt_time":1685934156732428,"flow_dst_last_pkt_time":1685934156732428,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685934156732428,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbI5G2LpnpZBUPtpIAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":144,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685934156732428,"flow_src_last_pkt_time":1685934156732428,"flow_dst_last_pkt_time":1685934156732428,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685934156732428,"l3_proto":"ip4","src_ip":"70.216.186.103","dst_ip":"165.144.84.62","src_port":55880,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":145,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685933841851094,"flow_src_last_pkt_time":1685933841851094,"flow_dst_last_pkt_time":1685933841851094,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685934156732428,"l3_proto":"ip4","src_ip":"75.153.126.243","dst_ip":"69.109.187.54","src_port":54378,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":145,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":145,"packets-processed":144,"total-skipped-flows":0,"total-l4-payload-len":7778,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":141,"total-detection-updates":0,"total-updates":28,"current-active-flows":1,"total-active-flows":141,"total-idle-flows":140,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":683,"global_ts_usec":1685949298361033} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":145,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949298361033,"flow_src_last_pkt_time":1685949298361033,"flow_dst_last_pkt_time":1685949298361033,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685949298361033,"l3_proto":"ip4","src_ip":"82.14.191.177","dst_ip":"186.112.202.53","src_port":51704,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":145,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":142,"flow_packet_id":1,"flow_src_last_pkt_time":1685949298361033,"flow_dst_last_pkt_time":1685949298361033,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685949298361033,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPoRXw9SDr+xunDKNcn4AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":145,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949298361033,"flow_src_last_pkt_time":1685949298361033,"flow_dst_last_pkt_time":1685949298361033,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685949298361033,"l3_proto":"ip4","src_ip":"82.14.191.177","dst_ip":"186.112.202.53","src_port":51704,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":146,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685934156732428,"flow_src_last_pkt_time":1685934156732428,"flow_dst_last_pkt_time":1685934156732428,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685949298361033,"l3_proto":"ip4","src_ip":"70.216.186.103","dst_ip":"165.144.84.62","src_port":55880,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":146,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":143,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949441960339,"flow_src_last_pkt_time":1685949441960339,"flow_dst_last_pkt_time":1685949441960339,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685949441960339,"l3_proto":"ip4","src_ip":"70.28.101.252","dst_ip":"69.109.187.54","src_port":49306,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":146,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":143,"flow_packet_id":1,"flow_src_last_pkt_time":1685949441960339,"flow_dst_last_pkt_time":1685949441960339,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685949441960339,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPkRbdJGHGX8RW27NsCaAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":146,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":143,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949441960339,"flow_src_last_pkt_time":1685949441960339,"flow_dst_last_pkt_time":1685949441960339,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685949441960339,"l3_proto":"ip4","src_ip":"70.28.101.252","dst_ip":"69.109.187.54","src_port":49306,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":147,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949298361033,"flow_src_last_pkt_time":1685949298361033,"flow_dst_last_pkt_time":1685949298361033,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685949441960339,"l3_proto":"ip4","src_ip":"82.14.191.177","dst_ip":"186.112.202.53","src_port":51704,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":147,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949575864849,"flow_src_last_pkt_time":1685949575864849,"flow_dst_last_pkt_time":1685949575864849,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685949575864849,"l3_proto":"ip4","src_ip":"166.235.162.1","dst_ip":"165.114.202.61","src_port":50338,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":147,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":144,"flow_packet_id":1,"flow_src_last_pkt_time":1685949575864849,"flow_dst_last_pkt_time":1685949575864849,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685949575864849,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbCim66IBpXLKPcSiAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":147,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949575864849,"flow_src_last_pkt_time":1685949575864849,"flow_dst_last_pkt_time":1685949575864849,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685949575864849,"l3_proto":"ip4","src_ip":"166.235.162.1","dst_ip":"165.114.202.61","src_port":50338,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":148,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949298361033,"flow_src_last_pkt_time":1685949298361033,"flow_dst_last_pkt_time":1685949298361033,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685949575864849,"l3_proto":"ip4","src_ip":"82.14.191.177","dst_ip":"186.112.202.53","src_port":51704,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":148,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":143,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949441960339,"flow_src_last_pkt_time":1685949441960339,"flow_dst_last_pkt_time":1685949441960339,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685949575864849,"l3_proto":"ip4","src_ip":"70.28.101.252","dst_ip":"69.109.187.54","src_port":49306,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":148,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":148,"packets-processed":147,"total-skipped-flows":0,"total-l4-payload-len":7865,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":144,"total-detection-updates":0,"total-updates":30,"current-active-flows":2,"total-active-flows":144,"total-idle-flows":142,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":697,"global_ts_usec":1685950065516616} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":148,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685950065516616,"flow_src_last_pkt_time":1685950065516616,"flow_dst_last_pkt_time":1685950065516616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685950065516616,"l3_proto":"ip4","src_ip":"38.238.166.9","dst_ip":"90.147.171.51","src_port":56529,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":148,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":145,"flow_packet_id":1,"flow_src_last_pkt_time":1685950065516616,"flow_dst_last_pkt_time":1685950065516616,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685950065516616,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbUAm7qYJWpOrM9zRAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":148,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685950065516616,"flow_src_last_pkt_time":1685950065516616,"flow_dst_last_pkt_time":1685950065516616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685950065516616,"l3_proto":"ip4","src_ip":"38.238.166.9","dst_ip":"90.147.171.51","src_port":56529,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":149,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":143,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949441960339,"flow_src_last_pkt_time":1685949441960339,"flow_dst_last_pkt_time":1685949441960339,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685950065516616,"l3_proto":"ip4","src_ip":"70.28.101.252","dst_ip":"69.109.187.54","src_port":49306,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":149,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949575864849,"flow_src_last_pkt_time":1685949575864849,"flow_dst_last_pkt_time":1685949575864849,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685950065516616,"l3_proto":"ip4","src_ip":"166.235.162.1","dst_ip":"165.114.202.61","src_port":50338,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":149,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":149,"packets-processed":148,"total-skipped-flows":0,"total-l4-payload-len":7894,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":145,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":145,"total-idle-flows":144,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":703,"global_ts_usec":1685950716132805} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":149,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685950716132805,"flow_src_last_pkt_time":1685950716132805,"flow_dst_last_pkt_time":1685950716132805,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685950716132805,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"90.141.37.56","src_port":51495,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":149,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":1,"flow_src_last_pkt_time":1685950716132805,"flow_dst_last_pkt_time":1685950716132805,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685950716132805,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPkRX57OzBhaWo0lOMknAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":149,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685950716132805,"flow_src_last_pkt_time":1685950716132805,"flow_dst_last_pkt_time":1685950716132805,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685950716132805,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"90.141.37.56","src_port":51495,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":150,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685950065516616,"flow_src_last_pkt_time":1685950065516616,"flow_dst_last_pkt_time":1685950065516616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685950716132805,"l3_proto":"ip4","src_ip":"38.238.166.9","dst_ip":"90.147.171.51","src_port":56529,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":150,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":150,"packets-processed":149,"total-skipped-flows":0,"total-l4-payload-len":7923,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":146,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":146,"total-idle-flows":145,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":708,"global_ts_usec":1685952673673917} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":150,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685952673673917,"flow_src_last_pkt_time":1685952673673917,"flow_dst_last_pkt_time":1685952673673917,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685952673673917,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"90.147.171.51","src_port":5073,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":150,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":147,"flow_packet_id":1,"flow_src_last_pkt_time":1685952673673917,"flow_dst_last_pkt_time":1685952673673917,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685952673673917,"pkt":"AAwp30Y4PJTVQTiBCABFAABLLRsAACcRpgilgP10WpOrMxPRAasANxtlAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":150,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685952673673917,"flow_src_last_pkt_time":1685952673673917,"flow_dst_last_pkt_time":1685952673673917,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685952673673917,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"90.147.171.51","src_port":5073,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":151,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685950716132805,"flow_src_last_pkt_time":1685950716132805,"flow_dst_last_pkt_time":1685950716132805,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685952673673917,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"90.141.37.56","src_port":51495,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":151,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":151,"packets-processed":150,"total-skipped-flows":0,"total-l4-payload-len":7970,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":147,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":147,"total-idle-flows":146,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":713,"global_ts_usec":1685953474074395} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":151,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685953474074395,"flow_src_last_pkt_time":1685953474074395,"flow_dst_last_pkt_time":1685953474074395,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685953474074395,"l3_proto":"ip4","src_ip":"217.31.231.255","dst_ip":"90.111.212.50","src_port":56070,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":151,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":1,"flow_src_last_pkt_time":1685953474074395,"flow_dst_last_pkt_time":1685953474074395,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685953474074395,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbdLZH+f\/Wm\/UMtsGAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":151,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685953474074395,"flow_src_last_pkt_time":1685953474074395,"flow_dst_last_pkt_time":1685953474074395,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685953474074395,"l3_proto":"ip4","src_ip":"217.31.231.255","dst_ip":"90.111.212.50","src_port":56070,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":152,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685952673673917,"flow_src_last_pkt_time":1685952673673917,"flow_dst_last_pkt_time":1685952673673917,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685953474074395,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"90.147.171.51","src_port":5073,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":152,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":152,"packets-processed":151,"total-skipped-flows":0,"total-l4-payload-len":7999,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":148,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":148,"total-idle-flows":147,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":718,"global_ts_usec":1685956234214319} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":152,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685956234214319,"flow_src_last_pkt_time":1685956234214319,"flow_dst_last_pkt_time":1685956234214319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685956234214319,"l3_proto":"ip4","src_ip":"28.102.134.210","dst_ip":"69.109.187.54","src_port":45382,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":152,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":149,"flow_packet_id":1,"flow_src_last_pkt_time":1685956234214319,"flow_dst_last_pkt_time":1685956234214319,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685956234214319,"pkt":"bpHurUgdPJTVQTiBCABFCABLd1MAACQRTR0cZobSRW27NrFGAasAN2xEAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":152,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685956234214319,"flow_src_last_pkt_time":1685956234214319,"flow_dst_last_pkt_time":1685956234214319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685956234214319,"l3_proto":"ip4","src_ip":"28.102.134.210","dst_ip":"69.109.187.54","src_port":45382,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":153,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685953474074395,"flow_src_last_pkt_time":1685953474074395,"flow_dst_last_pkt_time":1685953474074395,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685956234214319,"l3_proto":"ip4","src_ip":"217.31.231.255","dst_ip":"90.111.212.50","src_port":56070,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":153,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":153,"packets-processed":152,"total-skipped-flows":0,"total-l4-payload-len":8046,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":149,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":149,"total-idle-flows":148,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":723,"global_ts_usec":1685959206891430} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":153,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685959206891430,"flow_src_last_pkt_time":1685959206891430,"flow_dst_last_pkt_time":1685959206891430,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685959206891430,"l3_proto":"ip4","src_ip":"173.241.63.36","dst_ip":"85.111.52.57","src_port":50984,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":153,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":150,"flow_packet_id":1,"flow_src_last_pkt_time":1685959206891430,"flow_dst_last_pkt_time":1685959206891430,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685959206891430,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRX32t8T8kVW80OccoAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":153,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685959206891430,"flow_src_last_pkt_time":1685959206891430,"flow_dst_last_pkt_time":1685959206891430,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685959206891430,"l3_proto":"ip4","src_ip":"173.241.63.36","dst_ip":"85.111.52.57","src_port":50984,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":154,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685956234214319,"flow_src_last_pkt_time":1685956234214319,"flow_dst_last_pkt_time":1685956234214319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685959206891430,"l3_proto":"ip4","src_ip":"28.102.134.210","dst_ip":"69.109.187.54","src_port":45382,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":154,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":154,"packets-processed":153,"total-skipped-flows":0,"total-l4-payload-len":8075,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":150,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":150,"total-idle-flows":149,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":728,"global_ts_usec":1685960845026064} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":154,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685960845026064,"flow_src_last_pkt_time":1685960845026064,"flow_dst_last_pkt_time":1685960845026064,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685960845026064,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.111.212.50","src_port":60145,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":154,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":151,"flow_packet_id":1,"flow_src_last_pkt_time":1685960845026064,"flow_dst_last_pkt_time":1685960845026064,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1685960845026064,"pkt":"AAwp30Y4PJTVQTiBCABFAAA11DEAAPER0yNRGCtqWm\/UMurxAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":154,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685960845026064,"flow_src_last_pkt_time":1685960845026064,"flow_dst_last_pkt_time":1685960845026064,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685960845026064,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.111.212.50","src_port":60145,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":155,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685959206891430,"flow_src_last_pkt_time":1685959206891430,"flow_dst_last_pkt_time":1685959206891430,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685960845026064,"l3_proto":"ip4","src_ip":"173.241.63.36","dst_ip":"85.111.52.57","src_port":50984,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":155,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":155,"packets-processed":154,"total-skipped-flows":0,"total-l4-payload-len":8100,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":151,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":151,"total-idle-flows":150,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":733,"global_ts_usec":1685964244002056} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":155,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685964244002056,"flow_src_last_pkt_time":1685964244002056,"flow_dst_last_pkt_time":1685964244002056,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685964244002056,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"74.111.203.55","src_port":57096,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":155,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":152,"flow_packet_id":1,"flow_src_last_pkt_time":1685964244002056,"flow_dst_last_pkt_time":1685964244002056,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1685964244002056,"pkt":"ipffLU2SPJTVQTiBCABFAAA11DEAAPER0yJRGCtqSm\/LN98IAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":155,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685964244002056,"flow_src_last_pkt_time":1685964244002056,"flow_dst_last_pkt_time":1685964244002056,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685964244002056,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"74.111.203.55","src_port":57096,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":156,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685960845026064,"flow_src_last_pkt_time":1685960845026064,"flow_dst_last_pkt_time":1685960845026064,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685964244002056,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.111.212.50","src_port":60145,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":156,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":156,"packets-processed":155,"total-skipped-flows":0,"total-l4-payload-len":8125,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":152,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":152,"total-idle-flows":151,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":738,"global_ts_usec":1685969568367700} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":156,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685969568367700,"flow_src_last_pkt_time":1685969568367700,"flow_dst_last_pkt_time":1685969568367700,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685969568367700,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"69.109.187.54","src_port":58419,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":156,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":1,"flow_src_last_pkt_time":1685969568367700,"flow_dst_last_pkt_time":1685969568367700,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1685969568367700,"pkt":"bpHurUgdPJTVQTiBCABFAAA11DEAAPER0yFRGCtqRW27NuQzAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":156,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685969568367700,"flow_src_last_pkt_time":1685969568367700,"flow_dst_last_pkt_time":1685969568367700,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685969568367700,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"69.109.187.54","src_port":58419,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685964244002056,"flow_src_last_pkt_time":1685964244002056,"flow_dst_last_pkt_time":1685964244002056,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685969568367700,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"74.111.203.55","src_port":57096,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685969623534341,"flow_src_last_pkt_time":1685969623534341,"flow_dst_last_pkt_time":1685969623534341,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685969623534341,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"85.111.52.57","src_port":52243,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":154,"flow_packet_id":1,"flow_src_last_pkt_time":1685969623534341,"flow_dst_last_pkt_time":1685969623534341,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1685969623534341,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA11DEAAPER0x1RGCtqVW80OcwTAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685969623534341,"flow_src_last_pkt_time":1685969623534341,"flow_dst_last_pkt_time":1685969623534341,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685969623534341,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"85.111.52.57","src_port":52243,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685969568367700,"flow_src_last_pkt_time":1685969568367700,"flow_dst_last_pkt_time":1685969568367700,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685969623534341,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"69.109.187.54","src_port":58419,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":158,"packets-processed":157,"total-skipped-flows":0,"total-l4-payload-len":8175,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":154,"total-detection-updates":0,"total-updates":31,"current-active-flows":2,"total-active-flows":154,"total-idle-flows":152,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":747,"global_ts_usec":1685976878692319} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685976878692319,"flow_src_last_pkt_time":1685976878692319,"flow_dst_last_pkt_time":1685976878692319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685976878692319,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.144.84.62","src_port":39508,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":155,"flow_packet_id":1,"flow_src_last_pkt_time":1685976878692319,"flow_dst_last_pkt_time":1685976878692319,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685976878692319,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPARDMdGtG\/xpZBUPppUAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685976878692319,"flow_src_last_pkt_time":1685976878692319,"flow_dst_last_pkt_time":1685976878692319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685976878692319,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.144.84.62","src_port":39508,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685969568367700,"flow_src_last_pkt_time":1685969568367700,"flow_dst_last_pkt_time":1685969568367700,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685976878692319,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"69.109.187.54","src_port":58419,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685969623534341,"flow_src_last_pkt_time":1685969623534341,"flow_dst_last_pkt_time":1685969623534341,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685976878692319,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"85.111.52.57","src_port":52243,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":159,"packets-processed":158,"total-skipped-flows":0,"total-l4-payload-len":8273,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":155,"total-detection-updates":0,"total-updates":31,"current-active-flows":1,"total-active-flows":155,"total-idle-flows":154,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":753,"global_ts_usec":1685980039598832} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":156,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685980039598832,"flow_src_last_pkt_time":1685980039598832,"flow_dst_last_pkt_time":1685980039598832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685980039598832,"l3_proto":"ip4","src_ip":"208.100.177.136","dst_ip":"90.111.212.50","src_port":45704,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":156,"flow_packet_id":1,"flow_src_last_pkt_time":1685980039598832,"flow_dst_last_pkt_time":1685980039598832,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685980039598832,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpSrQZLGIWm\/UMrKIAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":156,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685980039598832,"flow_src_last_pkt_time":1685980039598832,"flow_dst_last_pkt_time":1685980039598832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685980039598832,"l3_proto":"ip4","src_ip":"208.100.177.136","dst_ip":"90.111.212.50","src_port":45704,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":160,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685976878692319,"flow_src_last_pkt_time":1685976878692319,"flow_dst_last_pkt_time":1685976878692319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685980039598832,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.144.84.62","src_port":39508,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":160,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":157,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685980256079266,"flow_src_last_pkt_time":1685980256079266,"flow_dst_last_pkt_time":1685980256079266,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685980256079266,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"165.144.84.62","src_port":47011,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":160,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":157,"flow_packet_id":1,"flow_src_last_pkt_time":1685980256079266,"flow_dst_last_pkt_time":1685980256079266,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1685980256079266,"pkt":"AAwp30Y4PJTVQTiBCABFAAA11DEAAPER0xlRGCtqpZBUPrejAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":160,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":157,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685980256079266,"flow_src_last_pkt_time":1685980256079266,"flow_dst_last_pkt_time":1685980256079266,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685980256079266,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"165.144.84.62","src_port":47011,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":156,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685980039598832,"flow_src_last_pkt_time":1685980039598832,"flow_dst_last_pkt_time":1685980039598832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685980256079266,"l3_proto":"ip4","src_ip":"208.100.177.136","dst_ip":"90.111.212.50","src_port":45704,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":161,"packets-processed":160,"total-skipped-flows":0,"total-l4-payload-len":8396,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":157,"total-detection-updates":0,"total-updates":31,"current-active-flows":1,"total-active-flows":157,"total-idle-flows":156,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":762,"global_ts_usec":1685980966068969} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685980966068969,"flow_src_last_pkt_time":1685980966068969,"flow_dst_last_pkt_time":1685980966068969,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685980966068969,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"69.109.187.54","src_port":33316,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":158,"flow_packet_id":1,"flow_src_last_pkt_time":1685980966068969,"flow_dst_last_pkt_time":1685980966068969,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685980966068969,"pkt":"bpHurUgdPJTVQTiBCABFAAB+1DEAAPIRCw62tHiLRW27NoIkAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685980966068969,"flow_src_last_pkt_time":1685980966068969,"flow_dst_last_pkt_time":1685980966068969,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685980966068969,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"69.109.187.54","src_port":33316,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":162,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":157,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685980256079266,"flow_src_last_pkt_time":1685980256079266,"flow_dst_last_pkt_time":1685980256079266,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685980966068969,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"165.144.84.62","src_port":47011,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":162,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":159,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685981433727126,"flow_src_last_pkt_time":1685981433727126,"flow_dst_last_pkt_time":1685981433727126,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685981433727126,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.141.37.56","src_port":38297,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":162,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":159,"flow_packet_id":1,"flow_src_last_pkt_time":1685981433727126,"flow_dst_last_pkt_time":1685981433727126,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685981433727126,"pkt":"3jHC4dyOPJTVQTiBCABFAAB+1DEAAPIRCwu2tHiLWo0lOJWZAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":162,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":159,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685981433727126,"flow_src_last_pkt_time":1685981433727126,"flow_dst_last_pkt_time":1685981433727126,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685981433727126,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.141.37.56","src_port":38297,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":163,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685980966068969,"flow_src_last_pkt_time":1685980966068969,"flow_dst_last_pkt_time":1685980966068969,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685981433727126,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"69.109.187.54","src_port":33316,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":163,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":163,"packets-processed":162,"total-skipped-flows":0,"total-l4-payload-len":8592,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":159,"total-detection-updates":0,"total-updates":31,"current-active-flows":1,"total-active-flows":159,"total-idle-flows":158,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":771,"global_ts_usec":1685983024598099} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":163,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":160,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685983024598099,"flow_src_last_pkt_time":1685983024598099,"flow_dst_last_pkt_time":1685983024598099,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685983024598099,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.145.180.58","src_port":49217,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":163,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":160,"flow_packet_id":1,"flow_src_last_pkt_time":1685983024598099,"flow_dst_last_pkt_time":1685983024598099,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685983024598099,"pkt":"bs1PogZtPJTVQTiBCABFAAB+1DEAAPMRCY72S2hzWpG0OsBBAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":163,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":160,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685983024598099,"flow_src_last_pkt_time":1685983024598099,"flow_dst_last_pkt_time":1685983024598099,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685983024598099,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.145.180.58","src_port":49217,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":164,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":159,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685981433727126,"flow_src_last_pkt_time":1685981433727126,"flow_dst_last_pkt_time":1685981433727126,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685983024598099,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.141.37.56","src_port":38297,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":164,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":161,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685983044584108,"flow_src_last_pkt_time":1685983044584108,"flow_dst_last_pkt_time":1685983044584108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685983044584108,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"186.112.202.53","src_port":50697,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":164,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":161,"flow_packet_id":1,"flow_src_last_pkt_time":1685983044584108,"flow_dst_last_pkt_time":1685983044584108,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685983044584108,"pkt":"xmjqc4OdPJTVQTiBCABFAAB+1DEAAPMRCZP2S2hzunDKNcYJAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":164,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":161,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685983044584108,"flow_src_last_pkt_time":1685983044584108,"flow_dst_last_pkt_time":1685983044584108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685983044584108,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"186.112.202.53","src_port":50697,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":165,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":165,"packets-processed":164,"total-skipped-flows":0,"total-l4-payload-len":8788,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":161,"total-detection-updates":0,"total-updates":31,"current-active-flows":2,"total-active-flows":161,"total-idle-flows":159,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":779,"global_ts_usec":1685983887017305} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":165,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":162,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685983887017305,"flow_src_last_pkt_time":1685983887017305,"flow_dst_last_pkt_time":1685983887017305,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685983887017305,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"85.111.52.57","src_port":57093,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":165,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":162,"flow_packet_id":1,"flow_src_last_pkt_time":1685983887017305,"flow_dst_last_pkt_time":1685983887017305,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685983887017305,"pkt":"moT+\/Ph8PJTVQTiBCABFAAB+1DEAAPMRpTItfJOcVW80Od8FAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":165,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":162,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685983887017305,"flow_src_last_pkt_time":1685983887017305,"flow_dst_last_pkt_time":1685983887017305,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685983887017305,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"85.111.52.57","src_port":57093,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":166,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":161,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685983044584108,"flow_src_last_pkt_time":1685983044584108,"flow_dst_last_pkt_time":1685983044584108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685983887017305,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"186.112.202.53","src_port":50697,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":166,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":160,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685983024598099,"flow_src_last_pkt_time":1685983024598099,"flow_dst_last_pkt_time":1685983024598099,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685983887017305,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.145.180.58","src_port":49217,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":166,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":163,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685984091734191,"flow_src_last_pkt_time":1685984091734191,"flow_dst_last_pkt_time":1685984091734191,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685984091734191,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.141.37.56","src_port":60815,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":166,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":163,"flow_packet_id":1,"flow_src_last_pkt_time":1685984091734191,"flow_dst_last_pkt_time":1685984091734191,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1685984091734191,"pkt":"3jHC4dyOPJTVQTiBCABFAAA11DEAAPER0x5RGCtqWo0lOO2PAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":166,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":163,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685984091734191,"flow_src_last_pkt_time":1685984091734191,"flow_dst_last_pkt_time":1685984091734191,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685984091734191,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.141.37.56","src_port":60815,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":167,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":162,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685983887017305,"flow_src_last_pkt_time":1685983887017305,"flow_dst_last_pkt_time":1685983887017305,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685984091734191,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"85.111.52.57","src_port":57093,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":167,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":167,"packets-processed":166,"total-skipped-flows":0,"total-l4-payload-len":8911,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":163,"total-detection-updates":0,"total-updates":31,"current-active-flows":1,"total-active-flows":163,"total-idle-flows":162,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":789,"global_ts_usec":1685986621173581} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":167,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986621173581,"flow_src_last_pkt_time":1685986621173581,"flow_dst_last_pkt_time":1685986621173581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685986621173581,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"74.111.203.55","src_port":34990,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":167,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":164,"flow_packet_id":1,"flow_src_last_pkt_time":1685986621173581,"flow_dst_last_pkt_time":1685986621173581,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685986621173581,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAPMRCZX2S2hzSm\/LN4iuAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":167,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986621173581,"flow_src_last_pkt_time":1685986621173581,"flow_dst_last_pkt_time":1685986621173581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685986621173581,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"74.111.203.55","src_port":34990,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":168,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":163,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685984091734191,"flow_src_last_pkt_time":1685984091734191,"flow_dst_last_pkt_time":1685984091734191,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685986621173581,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.141.37.56","src_port":60815,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":168,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986711741123,"flow_src_last_pkt_time":1685986711741123,"flow_dst_last_pkt_time":1685986711741123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685986711741123,"l3_proto":"ip4","src_ip":"239.100.141.153","dst_ip":"90.147.171.51","src_port":41989,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":168,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":165,"flow_packet_id":1,"flow_src_last_pkt_time":1685986711741123,"flow_dst_last_pkt_time":1685986711741123,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685986711741123,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpTbvZI2ZWpOrM6QFAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":168,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986711741123,"flow_src_last_pkt_time":1685986711741123,"flow_dst_last_pkt_time":1685986711741123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685986711741123,"l3_proto":"ip4","src_ip":"239.100.141.153","dst_ip":"90.147.171.51","src_port":41989,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":169,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986621173581,"flow_src_last_pkt_time":1685986621173581,"flow_dst_last_pkt_time":1685986621173581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685986711741123,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"74.111.203.55","src_port":34990,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":169,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986755864865,"flow_src_last_pkt_time":1685986755864865,"flow_dst_last_pkt_time":1685986755864865,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685986755864865,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"165.114.202.61","src_port":39574,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":169,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":166,"flow_packet_id":1,"flow_src_last_pkt_time":1685986755864865,"flow_dst_last_pkt_time":1685986755864865,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685986755864865,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPARDMe4tKjwpXLKPZqWAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":169,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986755864865,"flow_src_last_pkt_time":1685986755864865,"flow_dst_last_pkt_time":1685986755864865,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685986755864865,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"165.114.202.61","src_port":39574,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":170,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":170,"packets-processed":169,"total-skipped-flows":0,"total-l4-payload-len":9205,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":166,"total-detection-updates":0,"total-updates":32,"current-active-flows":3,"total-active-flows":166,"total-idle-flows":163,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":801,"global_ts_usec":1685988729872897} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":170,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685988729872897,"flow_src_last_pkt_time":1685988729872897,"flow_dst_last_pkt_time":1685988729872897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685988729872897,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.147.171.51","src_port":58836,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":170,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":167,"flow_packet_id":1,"flow_src_last_pkt_time":1685988729872897,"flow_dst_last_pkt_time":1685988729872897,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1685988729872897,"pkt":"AAwp30Y4PJTVQTiBCABFAAA11DEAAPER0yRRGCtqWpOrM+XUAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":170,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685988729872897,"flow_src_last_pkt_time":1685988729872897,"flow_dst_last_pkt_time":1685988729872897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685988729872897,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.147.171.51","src_port":58836,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986755864865,"flow_src_last_pkt_time":1685986755864865,"flow_dst_last_pkt_time":1685986755864865,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685988729872897,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"165.114.202.61","src_port":39574,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986621173581,"flow_src_last_pkt_time":1685986621173581,"flow_dst_last_pkt_time":1685986621173581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685988729872897,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"74.111.203.55","src_port":34990,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986711741123,"flow_src_last_pkt_time":1685986711741123,"flow_dst_last_pkt_time":1685986711741123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685988729872897,"l3_proto":"ip4","src_ip":"239.100.141.153","dst_ip":"90.147.171.51","src_port":41989,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":171,"packets-processed":170,"total-skipped-flows":0,"total-l4-payload-len":9230,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":167,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":167,"total-idle-flows":166,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":808,"global_ts_usec":1685993522728404} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685993522728404,"flow_src_last_pkt_time":1685993522728404,"flow_dst_last_pkt_time":1685993522728404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685993522728404,"l3_proto":"ip4","src_ip":"100.56.155.112","dst_ip":"90.147.171.51","src_port":1724,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":168,"flow_packet_id":1,"flow_src_last_pkt_time":1685993522728404,"flow_dst_last_pkt_time":1685993522728404,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685993522728404,"pkt":"AAwp30Y4PJTVQTiBCABFCABLWP8AACIRca5kOJtwWpOrMwa8AasANxsMAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685993522728404,"flow_src_last_pkt_time":1685993522728404,"flow_dst_last_pkt_time":1685993522728404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685993522728404,"l3_proto":"ip4","src_ip":"100.56.155.112","dst_ip":"90.147.171.51","src_port":1724,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685988729872897,"flow_src_last_pkt_time":1685988729872897,"flow_dst_last_pkt_time":1685988729872897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685993522728404,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.147.171.51","src_port":58836,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":172,"packets-processed":171,"total-skipped-flows":0,"total-l4-payload-len":9277,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":168,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":168,"total-idle-flows":167,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":813,"global_ts_usec":1685998634406588} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":169,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685998634406588,"flow_src_last_pkt_time":1685998634406588,"flow_dst_last_pkt_time":1685998634406588,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685998634406588,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"74.111.203.55","src_port":10457,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":169,"flow_packet_id":1,"flow_src_last_pkt_time":1685998634406588,"flow_dst_last_pkt_time":1685998634406588,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685998634406588,"pkt":"ipffLU2SPJTVQTiBCABFCABLN5cAACQRjNbjhlHUSm\/LNyjZAasAN\/SuAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":169,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685998634406588,"flow_src_last_pkt_time":1685998634406588,"flow_dst_last_pkt_time":1685998634406588,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685998634406588,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"74.111.203.55","src_port":10457,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":173,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685993522728404,"flow_src_last_pkt_time":1685993522728404,"flow_dst_last_pkt_time":1685993522728404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685998634406588,"l3_proto":"ip4","src_ip":"100.56.155.112","dst_ip":"90.147.171.51","src_port":1724,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":173,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":173,"packets-processed":172,"total-skipped-flows":0,"total-l4-payload-len":9324,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":169,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":169,"total-idle-flows":168,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":818,"global_ts_usec":1685999686351420} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":173,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685999686351420,"flow_src_last_pkt_time":1685999686351420,"flow_dst_last_pkt_time":1685999686351420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685999686351420,"l3_proto":"ip4","src_ip":"75.137.134.242","dst_ip":"74.111.203.55","src_port":6448,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":173,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":170,"flow_packet_id":1,"flow_src_last_pkt_time":1685999686351420,"flow_dst_last_pkt_time":1685999686351420,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":98,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":98,"pkt_l4_len":64,"thread_ts_usec":1685999686351420,"pkt":"ipffLU2SPJTVQTiBCABFAABUtPJAADQR3GZLiYbySm\/LNxkwAasAQAAAAgEAADggAAAAAGqbAAJlbgAAABdzZXJ2aWNlOmRpcmVjdG9yeS1hZ2VudAAHZGVmYXVsdAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":173,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685999686351420,"flow_src_last_pkt_time":1685999686351420,"flow_dst_last_pkt_time":1685999686351420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685999686351420,"l3_proto":"ip4","src_ip":"75.137.134.242","dst_ip":"74.111.203.55","src_port":6448,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":174,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":169,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685998634406588,"flow_src_last_pkt_time":1685998634406588,"flow_dst_last_pkt_time":1685998634406588,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685999686351420,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"74.111.203.55","src_port":10457,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":174,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":174,"packets-processed":173,"total-skipped-flows":0,"total-l4-payload-len":9380,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":170,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":170,"total-idle-flows":169,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":823,"global_ts_usec":1686000601569343} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":174,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686000601569343,"flow_src_last_pkt_time":1686000601569343,"flow_dst_last_pkt_time":1686000601569343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686000601569343,"l3_proto":"ip4","src_ip":"91.33.106.218","dst_ip":"165.144.84.62","src_port":2534,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":174,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":171,"flow_packet_id":1,"flow_src_last_pkt_time":1686000601569343,"flow_dst_last_pkt_time":1686000601569343,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686000601569343,"pkt":"AAwp30Y4PJTVQTiBCABFCABLI3sAACQRoOVbIWrapZBUPgnmAasANxOVAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":174,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686000601569343,"flow_src_last_pkt_time":1686000601569343,"flow_dst_last_pkt_time":1686000601569343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686000601569343,"l3_proto":"ip4","src_ip":"91.33.106.218","dst_ip":"165.144.84.62","src_port":2534,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685999686351420,"flow_src_last_pkt_time":1685999686351420,"flow_dst_last_pkt_time":1685999686351420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686000601569343,"l3_proto":"ip4","src_ip":"75.137.134.242","dst_ip":"74.111.203.55","src_port":6448,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":175,"packets-processed":174,"total-skipped-flows":0,"total-l4-payload-len":9427,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":171,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":171,"total-idle-flows":170,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":828,"global_ts_usec":1686003718804460} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686003718804460,"flow_src_last_pkt_time":1686003718804460,"flow_dst_last_pkt_time":1686003718804460,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686003718804460,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"85.111.52.57","src_port":6239,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":172,"flow_packet_id":1,"flow_src_last_pkt_time":1686003718804460,"flow_dst_last_pkt_time":1686003718804460,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686003718804460,"pkt":"moT+\/Ph8PJTVQTiBCABFAABLfOYAACcRVjsid3p+VW80ORhfAasANxbVAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686003718804460,"flow_src_last_pkt_time":1686003718804460,"flow_dst_last_pkt_time":1686003718804460,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686003718804460,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"85.111.52.57","src_port":6239,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686000601569343,"flow_src_last_pkt_time":1686000601569343,"flow_dst_last_pkt_time":1686000601569343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686003718804460,"l3_proto":"ip4","src_ip":"91.33.106.218","dst_ip":"165.144.84.62","src_port":2534,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":176,"packets-processed":175,"total-skipped-flows":0,"total-l4-payload-len":9474,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":172,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":172,"total-idle-flows":171,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":833,"global_ts_usec":1686005514515876} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686005514515876,"flow_src_last_pkt_time":1686005514515876,"flow_dst_last_pkt_time":1686005514515876,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686005514515876,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"165.114.202.61","src_port":52664,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":173,"flow_packet_id":1,"flow_src_last_pkt_time":1686005514515876,"flow_dst_last_pkt_time":1686005514515876,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686005514515876,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAO0RqhguZGGTpXLKPc24AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686005514515876,"flow_src_last_pkt_time":1686005514515876,"flow_dst_last_pkt_time":1686005514515876,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686005514515876,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"165.114.202.61","src_port":52664,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":177,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686003718804460,"flow_src_last_pkt_time":1686003718804460,"flow_dst_last_pkt_time":1686003718804460,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686005514515876,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"85.111.52.57","src_port":6239,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":177,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":177,"packets-processed":176,"total-skipped-flows":0,"total-l4-payload-len":9572,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":173,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":173,"total-idle-flows":172,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":838,"global_ts_usec":1686006182252244} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":177,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":174,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686006182252244,"flow_src_last_pkt_time":1686006182252244,"flow_dst_last_pkt_time":1686006182252244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686006182252244,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.145.180.58","src_port":48098,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":177,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":174,"flow_packet_id":1,"flow_src_last_pkt_time":1686006182252244,"flow_dst_last_pkt_time":1686006182252244,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686006182252244,"pkt":"bs1PogZtPJTVQTiBCABFAAA11DEAAPER0xtRGCtqWpG0OrviAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":177,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":174,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686006182252244,"flow_src_last_pkt_time":1686006182252244,"flow_dst_last_pkt_time":1686006182252244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686006182252244,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.145.180.58","src_port":48098,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":178,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686005514515876,"flow_src_last_pkt_time":1686005514515876,"flow_dst_last_pkt_time":1686005514515876,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686006182252244,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"165.114.202.61","src_port":52664,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":178,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":178,"packets-processed":177,"total-skipped-flows":0,"total-l4-payload-len":9597,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":174,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":174,"total-idle-flows":173,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":843,"global_ts_usec":1686006861718393} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":178,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":175,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686006861718393,"flow_src_last_pkt_time":1686006861718393,"flow_dst_last_pkt_time":1686006861718393,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686006861718393,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"165.114.202.61","src_port":43525,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":178,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":175,"flow_packet_id":1,"flow_src_last_pkt_time":1686006861718393,"flow_dst_last_pkt_time":1686006861718393,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686006861718393,"pkt":"AAwp30Y4PJTVQTiBCABFAAA11DEAAPER0xhRGCtqpXLKPaoFAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":178,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":175,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686006861718393,"flow_src_last_pkt_time":1686006861718393,"flow_dst_last_pkt_time":1686006861718393,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686006861718393,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"165.114.202.61","src_port":43525,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":179,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":174,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686006182252244,"flow_src_last_pkt_time":1686006182252244,"flow_dst_last_pkt_time":1686006182252244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686006861718393,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.145.180.58","src_port":48098,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":179,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":179,"packets-processed":178,"total-skipped-flows":0,"total-l4-payload-len":9622,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":175,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":175,"total-idle-flows":174,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":848,"global_ts_usec":1686010416557191} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":179,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":176,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686010416557191,"flow_src_last_pkt_time":1686010416557191,"flow_dst_last_pkt_time":1686010416557191,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686010416557191,"l3_proto":"ip4","src_ip":"33.216.90.56","dst_ip":"90.147.171.51","src_port":53342,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":179,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":176,"flow_packet_id":1,"flow_src_last_pkt_time":1686010416557191,"flow_dst_last_pkt_time":1686010416557191,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686010416557191,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbFkh2Fo4WpOrM9BeAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":179,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":176,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686010416557191,"flow_src_last_pkt_time":1686010416557191,"flow_dst_last_pkt_time":1686010416557191,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686010416557191,"l3_proto":"ip4","src_ip":"33.216.90.56","dst_ip":"90.147.171.51","src_port":53342,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":180,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":175,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686006861718393,"flow_src_last_pkt_time":1686006861718393,"flow_dst_last_pkt_time":1686006861718393,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686010416557191,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"165.114.202.61","src_port":43525,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":180,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686010882769715,"flow_src_last_pkt_time":1686010882769715,"flow_dst_last_pkt_time":1686010882769715,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686010882769715,"l3_proto":"ip4","src_ip":"161.47.199.37","dst_ip":"186.112.202.53","src_port":50010,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":180,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":177,"flow_packet_id":1,"flow_src_last_pkt_time":1686010882769715,"flow_dst_last_pkt_time":1686010882769715,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686010882769715,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRbWahL8clunDKNcNaAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":180,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686010882769715,"flow_src_last_pkt_time":1686010882769715,"flow_dst_last_pkt_time":1686010882769715,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686010882769715,"l3_proto":"ip4","src_ip":"161.47.199.37","dst_ip":"186.112.202.53","src_port":50010,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":181,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":176,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686010416557191,"flow_src_last_pkt_time":1686010416557191,"flow_dst_last_pkt_time":1686010416557191,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686010882769715,"l3_proto":"ip4","src_ip":"33.216.90.56","dst_ip":"90.147.171.51","src_port":53342,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":181,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":181,"packets-processed":180,"total-skipped-flows":0,"total-l4-payload-len":9680,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":177,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":177,"total-idle-flows":176,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":857,"global_ts_usec":1686014238036586} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":181,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686014238036586,"flow_src_last_pkt_time":1686014238036586,"flow_dst_last_pkt_time":1686014238036586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686014238036586,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"90.111.212.50","src_port":41596,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":181,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":178,"flow_packet_id":1,"flow_src_last_pkt_time":1686014238036586,"flow_dst_last_pkt_time":1686014238036586,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686014238036586,"pkt":"AAwp30Y4PJTVQTiBCABFAABLra8AACcRJW9dZnxwWm\/UMqJ8AasAN4y0AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":181,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686014238036586,"flow_src_last_pkt_time":1686014238036586,"flow_dst_last_pkt_time":1686014238036586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686014238036586,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"90.111.212.50","src_port":41596,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":182,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686010882769715,"flow_src_last_pkt_time":1686010882769715,"flow_dst_last_pkt_time":1686010882769715,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686014238036586,"l3_proto":"ip4","src_ip":"161.47.199.37","dst_ip":"186.112.202.53","src_port":50010,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":182,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":182,"packets-processed":181,"total-skipped-flows":0,"total-l4-payload-len":9727,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":178,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":178,"total-idle-flows":177,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":862,"global_ts_usec":1686016759751712} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":182,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686016759751712,"flow_src_last_pkt_time":1686016759751712,"flow_dst_last_pkt_time":1686016759751712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686016759751712,"l3_proto":"ip4","src_ip":"119.34.147.222","dst_ip":"90.145.180.58","src_port":56878,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":182,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":179,"flow_packet_id":1,"flow_src_last_pkt_time":1686016759751712,"flow_dst_last_pkt_time":1686016759751712,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686016759751712,"pkt":"bs1PogZtPJTVQTiBCABFAAA+I89AADQRPpp3IpPeWpG0Ot4uAasAKqz2AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":182,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686016759751712,"flow_src_last_pkt_time":1686016759751712,"flow_dst_last_pkt_time":1686016759751712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686016759751712,"l3_proto":"ip4","src_ip":"119.34.147.222","dst_ip":"90.145.180.58","src_port":56878,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":183,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686014238036586,"flow_src_last_pkt_time":1686014238036586,"flow_dst_last_pkt_time":1686014238036586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686016759751712,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"90.111.212.50","src_port":41596,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":183,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":180,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686016943855906,"flow_src_last_pkt_time":1686016943855906,"flow_dst_last_pkt_time":1686016943855906,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686016943855906,"l3_proto":"ip4","src_ip":"249.149.111.219","dst_ip":"90.141.37.56","src_port":57636,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":183,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":180,"flow_packet_id":1,"flow_src_last_pkt_time":1686016943855906,"flow_dst_last_pkt_time":1686016943855906,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686016943855906,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+iI9AADQR2eD5lW\/bWo0lOOEkAasAKqoHAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":183,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":180,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686016943855906,"flow_src_last_pkt_time":1686016943855906,"flow_dst_last_pkt_time":1686016943855906,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686016943855906,"l3_proto":"ip4","src_ip":"249.149.111.219","dst_ip":"90.141.37.56","src_port":57636,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":184,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686016759751712,"flow_src_last_pkt_time":1686016759751712,"flow_dst_last_pkt_time":1686016759751712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686016943855906,"l3_proto":"ip4","src_ip":"119.34.147.222","dst_ip":"90.145.180.58","src_port":56878,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":184,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":181,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686016985898059,"flow_src_last_pkt_time":1686016985898059,"flow_dst_last_pkt_time":1686016985898059,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686016985898059,"l3_proto":"ip4","src_ip":"118.158.148.196","dst_ip":"165.114.202.61","src_port":44102,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":184,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":181,"flow_packet_id":1,"flow_src_last_pkt_time":1686016985898059,"flow_dst_last_pkt_time":1686016985898059,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686016985898059,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+wIdAADQRodJ2npTEpXLKPaxGAasAKt7PAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":184,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":181,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686016985898059,"flow_src_last_pkt_time":1686016985898059,"flow_dst_last_pkt_time":1686016985898059,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686016985898059,"l3_proto":"ip4","src_ip":"118.158.148.196","dst_ip":"165.114.202.61","src_port":44102,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":185,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":182,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686017148856498,"flow_src_last_pkt_time":1686017148856498,"flow_dst_last_pkt_time":1686017148856498,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686017148856498,"l3_proto":"ip4","src_ip":"134.217.184.242","dst_ip":"85.111.52.57","src_port":23876,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00560{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":185,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":182,"flow_packet_id":1,"flow_src_last_pkt_time":1686017148856498,"flow_dst_last_pkt_time":1686017148856498,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686017148856498,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+SJVAADQRGfKG2bjyVW80OV1EAasAKi3\/AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":185,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":182,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686017148856498,"flow_src_last_pkt_time":1686017148856498,"flow_dst_last_pkt_time":1686017148856498,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686017148856498,"l3_proto":"ip4","src_ip":"134.217.184.242","dst_ip":"85.111.52.57","src_port":23876,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":186,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":180,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686016943855906,"flow_src_last_pkt_time":1686016943855906,"flow_dst_last_pkt_time":1686016943855906,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686017148856498,"l3_proto":"ip4","src_ip":"249.149.111.219","dst_ip":"90.141.37.56","src_port":57636,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01115{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":186,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":181,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686016985898059,"flow_src_last_pkt_time":1686016985898059,"flow_dst_last_pkt_time":1686016985898059,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686017148856498,"l3_proto":"ip4","src_ip":"118.158.148.196","dst_ip":"165.114.202.61","src_port":44102,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":186,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686017305054145,"flow_src_last_pkt_time":1686017305054145,"flow_dst_last_pkt_time":1686017305054145,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686017305054145,"l3_proto":"ip4","src_ip":"185.97.76.211","dst_ip":"69.109.187.54","src_port":42268,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":186,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":183,"flow_packet_id":1,"flow_src_last_pkt_time":1686017305054145,"flow_dst_last_pkt_time":1686017305054145,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686017305054145,"pkt":"bpHurUgdPJTVQTiBCABFAAA+RnhAADQRHAO5YUzTRW27NqUcAasAKuYaAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":186,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686017305054145,"flow_src_last_pkt_time":1686017305054145,"flow_dst_last_pkt_time":1686017305054145,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686017305054145,"l3_proto":"ip4","src_ip":"185.97.76.211","dst_ip":"69.109.187.54","src_port":42268,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":181,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686016985898059,"flow_src_last_pkt_time":1686016985898059,"flow_dst_last_pkt_time":1686016985898059,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686017305054145,"l3_proto":"ip4","src_ip":"118.158.148.196","dst_ip":"165.114.202.61","src_port":44102,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":182,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686017148856498,"flow_src_last_pkt_time":1686017148856498,"flow_dst_last_pkt_time":1686017148856498,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686017305054145,"l3_proto":"ip4","src_ip":"134.217.184.242","dst_ip":"85.111.52.57","src_port":23876,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00588{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":187,"packets-processed":186,"total-skipped-flows":0,"total-l4-payload-len":9897,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":183,"total-detection-updates":0,"total-updates":34,"current-active-flows":2,"total-active-flows":183,"total-idle-flows":181,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":884,"global_ts_usec":1686018209196915} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018209196915,"flow_src_last_pkt_time":1686018209196915,"flow_dst_last_pkt_time":1686018209196915,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686018209196915,"l3_proto":"ip4","src_ip":"71.170.115.245","dst_ip":"74.111.203.55","src_port":44124,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":184,"flow_packet_id":1,"flow_src_last_pkt_time":1686018209196915,"flow_dst_last_pkt_time":1686018209196915,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686018209196915,"pkt":"ipffLU2SPJTVQTiBCABFAAA+j29AADQR0xhHqnP1Sm\/LN6xcAasAKt7nAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018209196915,"flow_src_last_pkt_time":1686018209196915,"flow_dst_last_pkt_time":1686018209196915,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686018209196915,"l3_proto":"ip4","src_ip":"71.170.115.245","dst_ip":"74.111.203.55","src_port":44124,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":188,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686017305054145,"flow_src_last_pkt_time":1686017305054145,"flow_dst_last_pkt_time":1686017305054145,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686018209196915,"l3_proto":"ip4","src_ip":"185.97.76.211","dst_ip":"69.109.187.54","src_port":42268,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":188,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":182,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686017148856498,"flow_src_last_pkt_time":1686017148856498,"flow_dst_last_pkt_time":1686017148856498,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686018209196915,"l3_proto":"ip4","src_ip":"134.217.184.242","dst_ip":"85.111.52.57","src_port":23876,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":188,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":185,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018506277421,"flow_src_last_pkt_time":1686018506277421,"flow_dst_last_pkt_time":1686018506277421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686018506277421,"l3_proto":"ip4","src_ip":"198.153.87.225","dst_ip":"165.144.84.62","src_port":34996,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":188,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":185,"flow_packet_id":1,"flow_src_last_pkt_time":1686018506277421,"flow_dst_last_pkt_time":1686018506277421,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686018506277421,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+hZxAADQR3OrGmVfhpZBUPoi0AasAKgKPAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":188,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":185,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018506277421,"flow_src_last_pkt_time":1686018506277421,"flow_dst_last_pkt_time":1686018506277421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686018506277421,"l3_proto":"ip4","src_ip":"198.153.87.225","dst_ip":"165.144.84.62","src_port":34996,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":189,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018209196915,"flow_src_last_pkt_time":1686018209196915,"flow_dst_last_pkt_time":1686018209196915,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686018506277421,"l3_proto":"ip4","src_ip":"71.170.115.245","dst_ip":"74.111.203.55","src_port":44124,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":189,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018689761553,"flow_src_last_pkt_time":1686018689761553,"flow_dst_last_pkt_time":1686018689761553,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686018689761553,"l3_proto":"ip4","src_ip":"71.170.115.245","dst_ip":"90.111.212.50","src_port":44124,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":189,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":186,"flow_packet_id":1,"flow_src_last_pkt_time":1686018689761553,"flow_dst_last_pkt_time":1686018689761553,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686018689761553,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+mcVAADQRyMNHqnP1Wm\/UMqxcAasAKt7oAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":189,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018689761553,"flow_src_last_pkt_time":1686018689761553,"flow_dst_last_pkt_time":1686018689761553,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686018689761553,"l3_proto":"ip4","src_ip":"71.170.115.245","dst_ip":"90.111.212.50","src_port":44124,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":190,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":185,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018506277421,"flow_src_last_pkt_time":1686018506277421,"flow_dst_last_pkt_time":1686018506277421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686018689761553,"l3_proto":"ip4","src_ip":"198.153.87.225","dst_ip":"165.144.84.62","src_port":34996,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":190,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018707030417,"flow_src_last_pkt_time":1686018707030417,"flow_dst_last_pkt_time":1686018707030417,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686018707030417,"l3_proto":"ip4","src_ip":"134.217.184.242","dst_ip":"90.147.171.51","src_port":41215,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":190,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":187,"flow_packet_id":1,"flow_src_last_pkt_time":1686018707030417,"flow_dst_last_pkt_time":1686018707030417,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686018707030417,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+oClAADQRwmSG2bjyWpOrM6D\/AasAKupKAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":190,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018707030417,"flow_src_last_pkt_time":1686018707030417,"flow_dst_last_pkt_time":1686018707030417,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686018707030417,"l3_proto":"ip4","src_ip":"134.217.184.242","dst_ip":"90.147.171.51","src_port":41215,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00589{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":191,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":191,"packets-processed":190,"total-skipped-flows":0,"total-l4-payload-len":10033,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":187,"total-detection-updates":0,"total-updates":34,"current-active-flows":2,"total-active-flows":187,"total-idle-flows":185,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":901,"global_ts_usec":1686019249802467} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":191,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":188,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686019249802467,"flow_src_last_pkt_time":1686019249802467,"flow_dst_last_pkt_time":1686019249802467,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686019249802467,"l3_proto":"ip4","src_ip":"56.82.128.250","dst_ip":"186.112.202.53","src_port":53705,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":191,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":188,"flow_packet_id":1,"flow_src_last_pkt_time":1686019249802467,"flow_dst_last_pkt_time":1686019249802467,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686019249802467,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+q7VAADQRtsw4UoD6unDKNdHJAasAKrl0AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":191,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":188,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686019249802467,"flow_src_last_pkt_time":1686019249802467,"flow_dst_last_pkt_time":1686019249802467,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686019249802467,"l3_proto":"ip4","src_ip":"56.82.128.250","dst_ip":"186.112.202.53","src_port":53705,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":192,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018707030417,"flow_src_last_pkt_time":1686018707030417,"flow_dst_last_pkt_time":1686018707030417,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686019249802467,"l3_proto":"ip4","src_ip":"134.217.184.242","dst_ip":"90.147.171.51","src_port":41215,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":192,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018689761553,"flow_src_last_pkt_time":1686018689761553,"flow_dst_last_pkt_time":1686018689761553,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686019249802467,"l3_proto":"ip4","src_ip":"71.170.115.245","dst_ip":"90.111.212.50","src_port":44124,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00589{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":192,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":192,"packets-processed":191,"total-skipped-flows":0,"total-l4-payload-len":10067,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":188,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":188,"total-idle-flows":187,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":907,"global_ts_usec":1686021648125792} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":192,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":189,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686021648125792,"flow_src_last_pkt_time":1686021648125792,"flow_dst_last_pkt_time":1686021648125792,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686021648125792,"l3_proto":"ip4","src_ip":"218.211.196.58","dst_ip":"85.111.52.57","src_port":52158,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":192,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":189,"flow_packet_id":1,"flow_src_last_pkt_time":1686021648125792,"flow_dst_last_pkt_time":1686021648125792,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686021648125792,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRbU\/a08Q6VW80Ocu+AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":192,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":189,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686021648125792,"flow_src_last_pkt_time":1686021648125792,"flow_dst_last_pkt_time":1686021648125792,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686021648125792,"l3_proto":"ip4","src_ip":"218.211.196.58","dst_ip":"85.111.52.57","src_port":52158,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":188,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686019249802467,"flow_src_last_pkt_time":1686019249802467,"flow_dst_last_pkt_time":1686019249802467,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686021648125792,"l3_proto":"ip4","src_ip":"56.82.128.250","dst_ip":"186.112.202.53","src_port":53705,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00589{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":193,"packets-processed":192,"total-skipped-flows":0,"total-l4-payload-len":10096,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":189,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":189,"total-idle-flows":188,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":912,"global_ts_usec":1686031186113585} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686031186113585,"flow_src_last_pkt_time":1686031186113585,"flow_dst_last_pkt_time":1686031186113585,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686031186113585,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"90.147.171.51","src_port":34095,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":190,"flow_packet_id":1,"flow_src_last_pkt_time":1686031186113585,"flow_dst_last_pkt_time":1686031186113585,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686031186113585,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpTjsg6KdWpOrM4UvAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686031186113585,"flow_src_last_pkt_time":1686031186113585,"flow_dst_last_pkt_time":1686031186113585,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686031186113585,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"90.147.171.51","src_port":34095,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":194,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":189,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686021648125792,"flow_src_last_pkt_time":1686021648125792,"flow_dst_last_pkt_time":1686021648125792,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686031186113585,"l3_proto":"ip4","src_ip":"218.211.196.58","dst_ip":"85.111.52.57","src_port":52158,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00589{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":194,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":194,"packets-processed":193,"total-skipped-flows":0,"total-l4-payload-len":10194,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":190,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":190,"total-idle-flows":189,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":917,"global_ts_usec":1686032769267683} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":194,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686032769267683,"flow_src_last_pkt_time":1686032769267683,"flow_dst_last_pkt_time":1686032769267683,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686032769267683,"l3_proto":"ip4","src_ip":"177.48.184.247","dst_ip":"165.114.202.61","src_port":56640,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":194,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":191,"flow_packet_id":1,"flow_src_last_pkt_time":1686032769267683,"flow_dst_last_pkt_time":1686032769267683,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686032769267683,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXuqxMLj3pXLKPd1AAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":194,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686032769267683,"flow_src_last_pkt_time":1686032769267683,"flow_dst_last_pkt_time":1686032769267683,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686032769267683,"l3_proto":"ip4","src_ip":"177.48.184.247","dst_ip":"165.114.202.61","src_port":56640,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":195,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686031186113585,"flow_src_last_pkt_time":1686031186113585,"flow_dst_last_pkt_time":1686031186113585,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686032769267683,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"90.147.171.51","src_port":34095,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00589{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":195,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":195,"packets-processed":194,"total-skipped-flows":0,"total-l4-payload-len":10223,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":191,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":191,"total-idle-flows":190,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":922,"global_ts_usec":1686040872007912} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":195,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":192,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686040872007912,"flow_src_last_pkt_time":1686040872007912,"flow_dst_last_pkt_time":1686040872007912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686040872007912,"l3_proto":"ip4","src_ip":"69.36.231.230","dst_ip":"90.111.212.50","src_port":53489,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":195,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":192,"flow_packet_id":1,"flow_src_last_pkt_time":1686040872007912,"flow_dst_last_pkt_time":1686040872007912,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686040872007912,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbedFJOfmWm\/UMtDxAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":195,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":192,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686040872007912,"flow_src_last_pkt_time":1686040872007912,"flow_dst_last_pkt_time":1686040872007912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686040872007912,"l3_proto":"ip4","src_ip":"69.36.231.230","dst_ip":"90.111.212.50","src_port":53489,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":196,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686032769267683,"flow_src_last_pkt_time":1686032769267683,"flow_dst_last_pkt_time":1686032769267683,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686040872007912,"l3_proto":"ip4","src_ip":"177.48.184.247","dst_ip":"165.114.202.61","src_port":56640,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00589{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":196,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":196,"packets-processed":195,"total-skipped-flows":0,"total-l4-payload-len":10252,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":192,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":192,"total-idle-flows":191,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":927,"global_ts_usec":1686043388705512} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":196,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":193,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686043388705512,"flow_src_last_pkt_time":1686043388705512,"flow_dst_last_pkt_time":1686043388705512,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686043388705512,"l3_proto":"ip4","src_ip":"44.239.95.30","dst_ip":"74.111.203.55","src_port":56105,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":196,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":193,"flow_packet_id":1,"flow_src_last_pkt_time":1686043388705512,"flow_dst_last_pkt_time":1686043388705512,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686043388705512,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPoRXlks718eSm\/LN9spAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":196,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":193,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686043388705512,"flow_src_last_pkt_time":1686043388705512,"flow_dst_last_pkt_time":1686043388705512,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686043388705512,"l3_proto":"ip4","src_ip":"44.239.95.30","dst_ip":"74.111.203.55","src_port":56105,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":197,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":192,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686040872007912,"flow_src_last_pkt_time":1686040872007912,"flow_dst_last_pkt_time":1686040872007912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686043388705512,"l3_proto":"ip4","src_ip":"69.36.231.230","dst_ip":"90.111.212.50","src_port":53489,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00589{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":197,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":197,"packets-processed":196,"total-skipped-flows":0,"total-l4-payload-len":10281,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":193,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":193,"total-idle-flows":192,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":932,"global_ts_usec":1686044168857770} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":197,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686044168857770,"flow_src_last_pkt_time":1686044168857770,"flow_dst_last_pkt_time":1686044168857770,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686044168857770,"l3_proto":"ip4","src_ip":"80.16.0.251","dst_ip":"165.144.84.62","src_port":49389,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":197,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":194,"flow_packet_id":1,"flow_src_last_pkt_time":1686044168857770,"flow_dst_last_pkt_time":1686044168857770,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686044168857770,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRX+RQEAD7pZBUPsDtAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":197,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686044168857770,"flow_src_last_pkt_time":1686044168857770,"flow_dst_last_pkt_time":1686044168857770,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686044168857770,"l3_proto":"ip4","src_ip":"80.16.0.251","dst_ip":"165.144.84.62","src_port":49389,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":198,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":193,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686043388705512,"flow_src_last_pkt_time":1686043388705512,"flow_dst_last_pkt_time":1686043388705512,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686044168857770,"l3_proto":"ip4","src_ip":"44.239.95.30","dst_ip":"74.111.203.55","src_port":56105,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00589{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":198,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":198,"packets-processed":197,"total-skipped-flows":0,"total-l4-payload-len":10310,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":194,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":194,"total-idle-flows":193,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":937,"global_ts_usec":1686046546512327} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":198,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686046546512327,"flow_src_last_pkt_time":1686046546512327,"flow_dst_last_pkt_time":1686046546512327,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686046546512327,"l3_proto":"ip4","src_ip":"165.37.39.94","dst_ip":"69.109.187.54","src_port":49159,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":198,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":195,"flow_packet_id":1,"flow_src_last_pkt_time":1686046546512327,"flow_dst_last_pkt_time":1686046546512327,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686046546512327,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPkRbY2lJSdeRW27NsAHAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":198,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686046546512327,"flow_src_last_pkt_time":1686046546512327,"flow_dst_last_pkt_time":1686046546512327,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686046546512327,"l3_proto":"ip4","src_ip":"165.37.39.94","dst_ip":"69.109.187.54","src_port":49159,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":199,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686044168857770,"flow_src_last_pkt_time":1686044168857770,"flow_dst_last_pkt_time":1686044168857770,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686046546512327,"l3_proto":"ip4","src_ip":"80.16.0.251","dst_ip":"165.144.84.62","src_port":49389,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00589{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":199,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":199,"packets-processed":198,"total-skipped-flows":0,"total-l4-payload-len":10339,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":195,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":195,"total-idle-flows":194,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":942,"global_ts_usec":1686047674470156} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":199,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686047674470156,"flow_src_last_pkt_time":1686047674470156,"flow_dst_last_pkt_time":1686047674470156,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686047674470156,"l3_proto":"ip4","src_ip":"178.14.64.233","dst_ip":"90.141.37.56","src_port":55586,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":199,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":196,"flow_packet_id":1,"flow_src_last_pkt_time":1686047674470156,"flow_dst_last_pkt_time":1686047674470156,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686047674470156,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPoRXv+yDkDpWo0lONkiAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":199,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686047674470156,"flow_src_last_pkt_time":1686047674470156,"flow_dst_last_pkt_time":1686047674470156,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686047674470156,"l3_proto":"ip4","src_ip":"178.14.64.233","dst_ip":"90.141.37.56","src_port":55586,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":200,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686046546512327,"flow_src_last_pkt_time":1686046546512327,"flow_dst_last_pkt_time":1686046546512327,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686047674470156,"l3_proto":"ip4","src_ip":"165.37.39.94","dst_ip":"69.109.187.54","src_port":49159,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00589{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":200,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":200,"packets-processed":199,"total-skipped-flows":0,"total-l4-payload-len":10368,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":196,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":196,"total-idle-flows":195,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":947,"global_ts_usec":1686052550759741} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":200,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":197,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686052550759741,"flow_src_last_pkt_time":1686052550759741,"flow_dst_last_pkt_time":1686052550759741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686052550759741,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":47437,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":200,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":197,"flow_packet_id":1,"flow_src_last_pkt_time":1686052550759741,"flow_dst_last_pkt_time":1686052550759741,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686052550759741,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLHIH5CepXLKPblNAasAJTEiAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":200,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":197,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686052550759741,"flow_src_last_pkt_time":1686052550759741,"flow_dst_last_pkt_time":1686052550759741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686052550759741,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":47437,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":201,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686047674470156,"flow_src_last_pkt_time":1686047674470156,"flow_dst_last_pkt_time":1686047674470156,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686052550759741,"l3_proto":"ip4","src_ip":"178.14.64.233","dst_ip":"90.141.37.56","src_port":55586,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00589{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":201,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":201,"packets-processed":200,"total-skipped-flows":0,"total-l4-payload-len":10397,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":197,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":197,"total-idle-flows":196,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":952,"global_ts_usec":1686054840592952} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":201,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686054840592952,"flow_src_last_pkt_time":1686054840592952,"flow_dst_last_pkt_time":1686054840592952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686054840592952,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":44893,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":201,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":198,"flow_packet_id":1,"flow_src_last_pkt_time":1686054840592952,"flow_dst_last_pkt_time":1686054840592952,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686054840592952,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPURKLrIH5CeRW27Nq9dAasAJTsbAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":201,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686054840592952,"flow_src_last_pkt_time":1686054840592952,"flow_dst_last_pkt_time":1686054840592952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686054840592952,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":44893,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":202,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":197,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686052550759741,"flow_src_last_pkt_time":1686052550759741,"flow_dst_last_pkt_time":1686052550759741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686054840592952,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":47437,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":202,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":199,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686055302350311,"flow_src_last_pkt_time":1686055302350311,"flow_dst_last_pkt_time":1686055302350311,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686055302350311,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":46878,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":202,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":199,"flow_packet_id":1,"flow_src_last_pkt_time":1686055302350311,"flow_dst_last_pkt_time":1686055302350311,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686055302350311,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPURKLbIH5CeVW80ObceAasAJTNWAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":202,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":199,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686055302350311,"flow_src_last_pkt_time":1686055302350311,"flow_dst_last_pkt_time":1686055302350311,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686055302350311,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":46878,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":203,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686054840592952,"flow_src_last_pkt_time":1686054840592952,"flow_dst_last_pkt_time":1686054840592952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686055302350311,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":44893,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00589{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":203,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":203,"packets-processed":202,"total-skipped-flows":0,"total-l4-payload-len":10455,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":199,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":199,"total-idle-flows":198,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":961,"global_ts_usec":1686056089625694} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":203,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686056089625694,"flow_src_last_pkt_time":1686056089625694,"flow_dst_last_pkt_time":1686056089625694,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686056089625694,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":39691,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":203,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":200,"flow_packet_id":1,"flow_src_last_pkt_time":1686056089625694,"flow_dst_last_pkt_time":1686056089625694,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686056089625694,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLzIH5CeWm\/UMpsLAasAJU9vAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":203,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686056089625694,"flow_src_last_pkt_time":1686056089625694,"flow_dst_last_pkt_time":1686056089625694,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686056089625694,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":39691,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":204,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":199,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686055302350311,"flow_src_last_pkt_time":1686055302350311,"flow_dst_last_pkt_time":1686055302350311,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686056089625694,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":46878,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00589{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":204,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":204,"packets-processed":203,"total-skipped-flows":0,"total-l4-payload-len":10484,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":200,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":200,"total-idle-flows":199,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":966,"global_ts_usec":1686057077798333} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":204,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":201,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057077798333,"flow_src_last_pkt_time":1686057077798333,"flow_dst_last_pkt_time":1686057077798333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057077798333,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":59069,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":204,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":201,"flow_packet_id":1,"flow_src_last_pkt_time":1686057077798333,"flow_dst_last_pkt_time":1686057077798333,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686057077798333,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPURKLvIH5CeSm\/LN+a9AasAJQO8AgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":204,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":201,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057077798333,"flow_src_last_pkt_time":1686057077798333,"flow_dst_last_pkt_time":1686057077798333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057077798333,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":59069,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":205,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686056089625694,"flow_src_last_pkt_time":1686056089625694,"flow_dst_last_pkt_time":1686056089625694,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057077798333,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":39691,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":205,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057628692531,"flow_src_last_pkt_time":1686057628692531,"flow_dst_last_pkt_time":1686057628692531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057628692531,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":51406,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":205,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":202,"flow_packet_id":1,"flow_src_last_pkt_time":1686057628692531,"flow_dst_last_pkt_time":1686057628692531,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686057628692531,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKL3IH5CeWpOrM8jOAasAJSGtAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":205,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057628692531,"flow_src_last_pkt_time":1686057628692531,"flow_dst_last_pkt_time":1686057628692531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057628692531,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":51406,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":206,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":201,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057077798333,"flow_src_last_pkt_time":1686057077798333,"flow_dst_last_pkt_time":1686057077798333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057628692531,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":59069,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00589{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":206,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":206,"packets-processed":205,"total-skipped-flows":0,"total-l4-payload-len":10542,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":202,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":202,"total-idle-flows":201,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":975,"global_ts_usec":1686057720083465} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":206,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":203,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057720083465,"flow_src_last_pkt_time":1686057720083465,"flow_dst_last_pkt_time":1686057720083465,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057720083465,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":35296,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":206,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":203,"flow_packet_id":1,"flow_src_last_pkt_time":1686057720083465,"flow_dst_last_pkt_time":1686057720083465,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686057720083465,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPURKLfIH5CeWo0lOIngAasAJWCVAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":206,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":203,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057720083465,"flow_src_last_pkt_time":1686057720083465,"flow_dst_last_pkt_time":1686057720083465,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057720083465,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":35296,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":207,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057628692531,"flow_src_last_pkt_time":1686057628692531,"flow_dst_last_pkt_time":1686057628692531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057720083465,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":51406,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":207,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057824020237,"flow_src_last_pkt_time":1686057824020237,"flow_dst_last_pkt_time":1686057824020237,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057824020237,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":48172,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":207,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":204,"flow_packet_id":1,"flow_src_last_pkt_time":1686057824020237,"flow_dst_last_pkt_time":1686057824020237,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686057824020237,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPURKLTIH5CeWpG0OrwsAasAJS5GAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":207,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057824020237,"flow_src_last_pkt_time":1686057824020237,"flow_dst_last_pkt_time":1686057824020237,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057824020237,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":48172,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057628692531,"flow_src_last_pkt_time":1686057628692531,"flow_dst_last_pkt_time":1686057628692531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057824020237,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":51406,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":203,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057720083465,"flow_src_last_pkt_time":1686057720083465,"flow_dst_last_pkt_time":1686057720083465,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057824020237,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":35296,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00589{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":208,"packets-processed":207,"total-skipped-flows":0,"total-l4-payload-len":10600,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":204,"total-detection-updates":0,"total-updates":36,"current-active-flows":2,"total-active-flows":204,"total-idle-flows":202,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":985,"global_ts_usec":1686059089399919} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":205,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686059089399919,"flow_src_last_pkt_time":1686059089399919,"flow_dst_last_pkt_time":1686059089399919,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686059089399919,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":53249,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":205,"flow_packet_id":1,"flow_src_last_pkt_time":1686059089399919,"flow_dst_last_pkt_time":1686059089399919,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686059089399919,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLLIH5CepZBUPtABAasAJRpvAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":205,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686059089399919,"flow_src_last_pkt_time":1686059089399919,"flow_dst_last_pkt_time":1686059089399919,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686059089399919,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":53249,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":209,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":203,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057720083465,"flow_src_last_pkt_time":1686057720083465,"flow_dst_last_pkt_time":1686057720083465,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686059089399919,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":35296,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":209,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057824020237,"flow_src_last_pkt_time":1686057824020237,"flow_dst_last_pkt_time":1686057824020237,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686059089399919,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":48172,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00589{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":209,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":209,"packets-processed":208,"total-skipped-flows":0,"total-l4-payload-len":10629,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":205,"total-detection-updates":0,"total-updates":36,"current-active-flows":1,"total-active-flows":205,"total-idle-flows":204,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":991,"global_ts_usec":1686063230217187} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":209,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":206,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686063230217187,"flow_src_last_pkt_time":1686063230217187,"flow_dst_last_pkt_time":1686063230217187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686063230217187,"l3_proto":"ip4","src_ip":"16.100.83.145","dst_ip":"90.147.171.51","src_port":60232,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":209,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":206,"flow_packet_id":1,"flow_src_last_pkt_time":1686063230217187,"flow_dst_last_pkt_time":1686063230217187,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686063230217187,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAO0RqiYQZFORWpOrM+tIAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":209,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":206,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686063230217187,"flow_src_last_pkt_time":1686063230217187,"flow_dst_last_pkt_time":1686063230217187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686063230217187,"l3_proto":"ip4","src_ip":"16.100.83.145","dst_ip":"90.147.171.51","src_port":60232,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":210,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":205,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686059089399919,"flow_src_last_pkt_time":1686059089399919,"flow_dst_last_pkt_time":1686059089399919,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686063230217187,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":53249,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":210,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686063367901199,"flow_src_last_pkt_time":1686063367901199,"flow_dst_last_pkt_time":1686063367901199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686063367901199,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"186.112.202.53","src_port":36840,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":210,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":207,"flow_packet_id":1,"flow_src_last_pkt_time":1686063367901199,"flow_dst_last_pkt_time":1686063367901199,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686063367901199,"pkt":"xmjqc4OdPJTVQTiBCABFAAB+1DEAAO8RDc+4tKjwunDKNY\/oAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":210,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686063367901199,"flow_src_last_pkt_time":1686063367901199,"flow_dst_last_pkt_time":1686063367901199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686063367901199,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"186.112.202.53","src_port":36840,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":211,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":206,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686063230217187,"flow_src_last_pkt_time":1686063230217187,"flow_dst_last_pkt_time":1686063230217187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686063367901199,"l3_proto":"ip4","src_ip":"16.100.83.145","dst_ip":"90.147.171.51","src_port":60232,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":211,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686063784551832,"flow_src_last_pkt_time":1686063784551832,"flow_dst_last_pkt_time":1686063784551832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686063784551832,"l3_proto":"ip4","src_ip":"16.99.147.146","dst_ip":"90.111.212.50","src_port":34236,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":211,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":208,"flow_packet_id":1,"flow_src_last_pkt_time":1686063784551832,"flow_dst_last_pkt_time":1686063784551832,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686063784551832,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpSwQY5OSWm\/UMoW8AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":211,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686063784551832,"flow_src_last_pkt_time":1686063784551832,"flow_dst_last_pkt_time":1686063784551832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686063784551832,"l3_proto":"ip4","src_ip":"16.99.147.146","dst_ip":"90.111.212.50","src_port":34236,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":206,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686063230217187,"flow_src_last_pkt_time":1686063230217187,"flow_dst_last_pkt_time":1686063230217187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686063784551832,"l3_proto":"ip4","src_ip":"16.100.83.145","dst_ip":"90.147.171.51","src_port":60232,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686063367901199,"flow_src_last_pkt_time":1686063367901199,"flow_dst_last_pkt_time":1686063367901199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686063784551832,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"186.112.202.53","src_port":36840,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":212,"packets-processed":211,"total-skipped-flows":0,"total-l4-payload-len":10923,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":208,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":208,"total-idle-flows":207,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1005,"global_ts_usec":1686065747925784} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686065747925784,"flow_src_last_pkt_time":1686065747925784,"flow_dst_last_pkt_time":1686065747925784,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686065747925784,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.145.180.58","src_port":53230,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":209,"flow_packet_id":1,"flow_src_last_pkt_time":1686065747925784,"flow_dst_last_pkt_time":1686065747925784,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686065747925784,"pkt":"bs1PogZtPJTVQTiBCABFCAB+1DEAAO0REAC2tHiLWpG0Os\/uAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686065747925784,"flow_src_last_pkt_time":1686065747925784,"flow_dst_last_pkt_time":1686065747925784,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686065747925784,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.145.180.58","src_port":53230,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":213,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686063784551832,"flow_src_last_pkt_time":1686063784551832,"flow_dst_last_pkt_time":1686063784551832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686065747925784,"l3_proto":"ip4","src_ip":"16.99.147.146","dst_ip":"90.111.212.50","src_port":34236,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":213,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":213,"packets-processed":212,"total-skipped-flows":0,"total-l4-payload-len":11021,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":209,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":209,"total-idle-flows":208,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1010,"global_ts_usec":1686066398914580} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":213,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":210,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686066398914580,"flow_src_last_pkt_time":1686066398914580,"flow_dst_last_pkt_time":1686066398914580,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686066398914580,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.141.37.56","src_port":38609,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":213,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":210,"flow_packet_id":1,"flow_src_last_pkt_time":1686066398914580,"flow_dst_last_pkt_time":1686066398914580,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686066398914580,"pkt":"3jHC4dyOPJTVQTiBCABFCAB+1DEAAO0REAO2tHiLWo0lOJbRAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":213,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":210,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686066398914580,"flow_src_last_pkt_time":1686066398914580,"flow_dst_last_pkt_time":1686066398914580,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686066398914580,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.141.37.56","src_port":38609,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":214,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686065747925784,"flow_src_last_pkt_time":1686065747925784,"flow_dst_last_pkt_time":1686065747925784,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686066398914580,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.145.180.58","src_port":53230,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":214,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":214,"packets-processed":213,"total-skipped-flows":0,"total-l4-payload-len":11119,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":210,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":210,"total-idle-flows":209,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1015,"global_ts_usec":1686067317662813} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":214,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686067317662813,"flow_src_last_pkt_time":1686067317662813,"flow_dst_last_pkt_time":1686067317662813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686067317662813,"l3_proto":"ip4","src_ip":"19.99.147.148","dst_ip":"165.114.202.61","src_port":36797,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":214,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":211,"flow_packet_id":1,"flow_src_last_pkt_time":1686067317662813,"flow_dst_last_pkt_time":1686067317662813,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686067317662813,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpSUTY5OUpXLKPY+9AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":214,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686067317662813,"flow_src_last_pkt_time":1686067317662813,"flow_dst_last_pkt_time":1686067317662813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686067317662813,"l3_proto":"ip4","src_ip":"19.99.147.148","dst_ip":"165.114.202.61","src_port":36797,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":215,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":210,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686066398914580,"flow_src_last_pkt_time":1686066398914580,"flow_dst_last_pkt_time":1686066398914580,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686067317662813,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.141.37.56","src_port":38609,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":215,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":212,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686067699688902,"flow_src_last_pkt_time":1686067699688902,"flow_dst_last_pkt_time":1686067699688902,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686067699688902,"l3_proto":"ip4","src_ip":"45.131.161.152","dst_ip":"165.144.84.62","src_port":36751,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":215,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":212,"flow_packet_id":1,"flow_src_last_pkt_time":1686067699688902,"flow_dst_last_pkt_time":1686067699688902,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686067699688902,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAO0RqiQtg6GYpZBUPo+PAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":215,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":212,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686067699688902,"flow_src_last_pkt_time":1686067699688902,"flow_dst_last_pkt_time":1686067699688902,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686067699688902,"l3_proto":"ip4","src_ip":"45.131.161.152","dst_ip":"165.144.84.62","src_port":36751,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":216,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686067317662813,"flow_src_last_pkt_time":1686067317662813,"flow_dst_last_pkt_time":1686067317662813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686067699688902,"l3_proto":"ip4","src_ip":"19.99.147.148","dst_ip":"165.114.202.61","src_port":36797,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":216,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":216,"packets-processed":215,"total-skipped-flows":0,"total-l4-payload-len":11315,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":212,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":212,"total-idle-flows":211,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1024,"global_ts_usec":1686071042176869} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":216,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686071042176869,"flow_src_last_pkt_time":1686071042176869,"flow_dst_last_pkt_time":1686071042176869,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686071042176869,"l3_proto":"ip4","src_ip":"45.100.140.153","dst_ip":"74.111.203.55","src_port":54538,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":216,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":213,"flow_packet_id":1,"flow_src_last_pkt_time":1686071042176869,"flow_dst_last_pkt_time":1686071042176869,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686071042176869,"pkt":"ipffLU2SPJTVQTiBCABFCAB+1DEAAO0RqiwtZIyZSm\/LN9UKAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":216,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686071042176869,"flow_src_last_pkt_time":1686071042176869,"flow_dst_last_pkt_time":1686071042176869,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686071042176869,"l3_proto":"ip4","src_ip":"45.100.140.153","dst_ip":"74.111.203.55","src_port":54538,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":212,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686067699688902,"flow_src_last_pkt_time":1686067699688902,"flow_dst_last_pkt_time":1686067699688902,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686071042176869,"l3_proto":"ip4","src_ip":"45.131.161.152","dst_ip":"165.144.84.62","src_port":36751,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":217,"packets-processed":216,"total-skipped-flows":0,"total-l4-payload-len":11413,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":213,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":213,"total-idle-flows":212,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1029,"global_ts_usec":1686075500413977} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":214,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686075500413977,"flow_src_last_pkt_time":1686075500413977,"flow_dst_last_pkt_time":1686075500413977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686075500413977,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"90.141.37.56","src_port":26355,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":214,"flow_packet_id":1,"flow_src_last_pkt_time":1686075500413977,"flow_dst_last_pkt_time":1686075500413977,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686075500413977,"pkt":"3jHC4dyOPJTVQTiBCABFCABLp64AACQRHLRnR5LeWo0lOGbzAasAN7aJAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":214,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686075500413977,"flow_src_last_pkt_time":1686075500413977,"flow_dst_last_pkt_time":1686075500413977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686075500413977,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"90.141.37.56","src_port":26355,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":218,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686071042176869,"flow_src_last_pkt_time":1686071042176869,"flow_dst_last_pkt_time":1686071042176869,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686075500413977,"l3_proto":"ip4","src_ip":"45.100.140.153","dst_ip":"74.111.203.55","src_port":54538,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":218,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":218,"packets-processed":217,"total-skipped-flows":0,"total-l4-payload-len":11460,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":214,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":214,"total-idle-flows":213,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1034,"global_ts_usec":1686081952749133} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":218,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":215,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686081952749133,"flow_src_last_pkt_time":1686081952749133,"flow_dst_last_pkt_time":1686081952749133,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686081952749133,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"90.147.171.51","src_port":64387,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":218,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":215,"flow_packet_id":1,"flow_src_last_pkt_time":1686081952749133,"flow_dst_last_pkt_time":1686081952749133,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686081952749133,"pkt":"AAwp30Y4PJTVQTiBCABFCABLEn4AACQRsepnR5LeWpOrM\/uDAasANyH\/AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":218,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":215,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686081952749133,"flow_src_last_pkt_time":1686081952749133,"flow_dst_last_pkt_time":1686081952749133,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686081952749133,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"90.147.171.51","src_port":64387,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":219,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":214,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686075500413977,"flow_src_last_pkt_time":1686075500413977,"flow_dst_last_pkt_time":1686075500413977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686081952749133,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"90.141.37.56","src_port":26355,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":219,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":216,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082067713083,"flow_src_last_pkt_time":1686082067713083,"flow_dst_last_pkt_time":1686082067713083,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686082067713083,"l3_proto":"ip4","src_ip":"100.56.155.112","dst_ip":"90.111.212.50","src_port":53130,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":219,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":216,"flow_packet_id":1,"flow_src_last_pkt_time":1686082067713083,"flow_dst_last_pkt_time":1686082067713083,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686082067713083,"pkt":"AAwp30Y4PJTVQTiBCABFCABLYc8AACIRaN1kOJtwWm\/UMs+KAasAN1I8AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":219,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":216,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082067713083,"flow_src_last_pkt_time":1686082067713083,"flow_dst_last_pkt_time":1686082067713083,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686082067713083,"l3_proto":"ip4","src_ip":"100.56.155.112","dst_ip":"90.111.212.50","src_port":53130,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":220,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":215,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686081952749133,"flow_src_last_pkt_time":1686081952749133,"flow_dst_last_pkt_time":1686081952749133,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686082067713083,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"90.147.171.51","src_port":64387,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":220,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":220,"packets-processed":219,"total-skipped-flows":0,"total-l4-payload-len":11554,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":216,"total-detection-updates":0,"total-updates":38,"current-active-flows":2,"total-active-flows":216,"total-idle-flows":214,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1043,"global_ts_usec":1686082597517294} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":220,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082597517294,"flow_src_last_pkt_time":1686082597517294,"flow_dst_last_pkt_time":1686082597517294,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686082597517294,"l3_proto":"ip4","src_ip":"186.27.5.237","dst_ip":"90.147.171.51","src_port":51315,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":220,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":217,"flow_packet_id":1,"flow_src_last_pkt_time":1686082597517294,"flow_dst_last_pkt_time":1686082597517294,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686082597517294,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbe66GwXtWpOrM8hzAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":220,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082597517294,"flow_src_last_pkt_time":1686082597517294,"flow_dst_last_pkt_time":1686082597517294,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686082597517294,"l3_proto":"ip4","src_ip":"186.27.5.237","dst_ip":"90.147.171.51","src_port":51315,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":221,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":215,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686081952749133,"flow_src_last_pkt_time":1686081952749133,"flow_dst_last_pkt_time":1686081952749133,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686082597517294,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"90.147.171.51","src_port":64387,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":221,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":216,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082067713083,"flow_src_last_pkt_time":1686082067713083,"flow_dst_last_pkt_time":1686082067713083,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686082597517294,"l3_proto":"ip4","src_ip":"100.56.155.112","dst_ip":"90.111.212.50","src_port":53130,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":221,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":218,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082771466382,"flow_src_last_pkt_time":1686082771466382,"flow_dst_last_pkt_time":1686082771466382,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686082771466382,"l3_proto":"ip4","src_ip":"167.7.154.125","dst_ip":"85.111.52.57","src_port":8220,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":221,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":218,"flow_packet_id":1,"flow_src_last_pkt_time":1686082771466382,"flow_dst_last_pkt_time":1686082771466382,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686082771466382,"pkt":"moT+\/Ph8PJTVQTiBCABFCABL6nUAACIR4DqnB5p9VW80OSAcAasANwGvAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":221,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":218,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082771466382,"flow_src_last_pkt_time":1686082771466382,"flow_dst_last_pkt_time":1686082771466382,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686082771466382,"l3_proto":"ip4","src_ip":"167.7.154.125","dst_ip":"85.111.52.57","src_port":8220,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":222,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082597517294,"flow_src_last_pkt_time":1686082597517294,"flow_dst_last_pkt_time":1686082597517294,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686082771466382,"l3_proto":"ip4","src_ip":"186.27.5.237","dst_ip":"90.147.171.51","src_port":51315,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":222,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":222,"packets-processed":221,"total-skipped-flows":0,"total-l4-payload-len":11630,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":218,"total-detection-updates":0,"total-updates":39,"current-active-flows":2,"total-active-flows":218,"total-idle-flows":216,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1053,"global_ts_usec":1686085137783742} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":222,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686085137783742,"flow_src_last_pkt_time":1686085137783742,"flow_dst_last_pkt_time":1686085137783742,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686085137783742,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"85.111.52.57","src_port":59003,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":222,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":219,"flow_packet_id":1,"flow_src_last_pkt_time":1686085137783742,"flow_dst_last_pkt_time":1686085137783742,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686085137783742,"pkt":"moT+\/Ph8PJTVQTiBCABFAAB+1DEAAPIRpSUuZGGTVW80OeZ7AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":222,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686085137783742,"flow_src_last_pkt_time":1686085137783742,"flow_dst_last_pkt_time":1686085137783742,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686085137783742,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"85.111.52.57","src_port":59003,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":223,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":218,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082771466382,"flow_src_last_pkt_time":1686082771466382,"flow_dst_last_pkt_time":1686082771466382,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686085137783742,"l3_proto":"ip4","src_ip":"167.7.154.125","dst_ip":"85.111.52.57","src_port":8220,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":223,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082597517294,"flow_src_last_pkt_time":1686082597517294,"flow_dst_last_pkt_time":1686082597517294,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686085137783742,"l3_proto":"ip4","src_ip":"186.27.5.237","dst_ip":"90.147.171.51","src_port":51315,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":223,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":223,"packets-processed":222,"total-skipped-flows":0,"total-l4-payload-len":11728,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":219,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":219,"total-idle-flows":218,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1059,"global_ts_usec":1686086498336760} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":223,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686086498336760,"flow_src_last_pkt_time":1686086498336760,"flow_dst_last_pkt_time":1686086498336760,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686086498336760,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"90.141.37.56","src_port":35493,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":223,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":220,"flow_packet_id":1,"flow_src_last_pkt_time":1686086498336760,"flow_dst_last_pkt_time":1686086498336760,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686086498336760,"pkt":"3jHC4dyOPJTVQTiBCABFAABSWVwAAG0Ru0FDnxCWWo0lOIqlAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":223,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686086498336760,"flow_src_last_pkt_time":1686086498336760,"flow_dst_last_pkt_time":1686086498336760,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686086498336760,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"90.141.37.56","src_port":35493,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":224,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686085137783742,"flow_src_last_pkt_time":1686085137783742,"flow_dst_last_pkt_time":1686085137783742,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686086498336760,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"85.111.52.57","src_port":59003,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":224,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":224,"packets-processed":223,"total-skipped-flows":0,"total-l4-payload-len":11782,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":220,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":220,"total-idle-flows":219,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1064,"global_ts_usec":1686087364946144} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":224,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686087364946144,"flow_src_last_pkt_time":1686087364946144,"flow_dst_last_pkt_time":1686087364946144,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686087364946144,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"69.109.187.54","src_port":35856,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":224,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":221,"flow_packet_id":1,"flow_src_last_pkt_time":1686087364946144,"flow_dst_last_pkt_time":1686087364946144,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686087364946144,"pkt":"bpHurUgdPJTVQTiBCABFAABS0PQAAG4RQqxDnxCWRW27NowQAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":224,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686087364946144,"flow_src_last_pkt_time":1686087364946144,"flow_dst_last_pkt_time":1686087364946144,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686087364946144,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"69.109.187.54","src_port":35856,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":225,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686086498336760,"flow_src_last_pkt_time":1686086498336760,"flow_dst_last_pkt_time":1686086498336760,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686087364946144,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"90.141.37.56","src_port":35493,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":225,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":225,"packets-processed":224,"total-skipped-flows":0,"total-l4-payload-len":11836,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":221,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":221,"total-idle-flows":220,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1069,"global_ts_usec":1686088327419270} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":225,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686088327419270,"flow_src_last_pkt_time":1686088327419270,"flow_dst_last_pkt_time":1686088327419270,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686088327419270,"l3_proto":"ip4","src_ip":"34.220.38.0","dst_ip":"186.112.202.53","src_port":54720,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":225,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":222,"flow_packet_id":1,"flow_src_last_pkt_time":1686088327419270,"flow_dst_last_pkt_time":1686088327419270,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686088327419270,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPoRbDEi3CYAunDKNdXAAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":225,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686088327419270,"flow_src_last_pkt_time":1686088327419270,"flow_dst_last_pkt_time":1686088327419270,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686088327419270,"l3_proto":"ip4","src_ip":"34.220.38.0","dst_ip":"186.112.202.53","src_port":54720,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":226,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686087364946144,"flow_src_last_pkt_time":1686087364946144,"flow_dst_last_pkt_time":1686087364946144,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686088327419270,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"69.109.187.54","src_port":35856,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":226,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":226,"packets-processed":225,"total-skipped-flows":0,"total-l4-payload-len":11865,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":222,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":222,"total-idle-flows":221,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1074,"global_ts_usec":1686095963626743} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":226,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":223,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686095963626743,"flow_src_last_pkt_time":1686095963626743,"flow_dst_last_pkt_time":1686095963626743,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686095963626743,"l3_proto":"ip4","src_ip":"173.49.159.50","dst_ip":"74.111.203.55","src_port":54834,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":226,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":223,"flow_packet_id":1,"flow_src_last_pkt_time":1686095963626743,"flow_dst_last_pkt_time":1686095963626743,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686095963626743,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPoRXnWtMZ8ySm\/LN9YyAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":226,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":223,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686095963626743,"flow_src_last_pkt_time":1686095963626743,"flow_dst_last_pkt_time":1686095963626743,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686095963626743,"l3_proto":"ip4","src_ip":"173.49.159.50","dst_ip":"74.111.203.55","src_port":54834,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":227,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686088327419270,"flow_src_last_pkt_time":1686088327419270,"flow_dst_last_pkt_time":1686088327419270,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686095963626743,"l3_proto":"ip4","src_ip":"34.220.38.0","dst_ip":"186.112.202.53","src_port":54720,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":227,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":227,"packets-processed":226,"total-skipped-flows":0,"total-l4-payload-len":11894,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":223,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":223,"total-idle-flows":222,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1079,"global_ts_usec":1686100690494262} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":227,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":224,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686100690494262,"flow_src_last_pkt_time":1686100690494262,"flow_dst_last_pkt_time":1686100690494262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686100690494262,"l3_proto":"ip4","src_ip":"206.17.216.171","dst_ip":"69.109.187.54","src_port":53625,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":227,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":224,"flow_packet_id":1,"flow_src_last_pkt_time":1686100690494262,"flow_dst_last_pkt_time":1686100690494262,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686100690494262,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPkRYB3OEdirRW27NtF5AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":227,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":224,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686100690494262,"flow_src_last_pkt_time":1686100690494262,"flow_dst_last_pkt_time":1686100690494262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686100690494262,"l3_proto":"ip4","src_ip":"206.17.216.171","dst_ip":"69.109.187.54","src_port":53625,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":228,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":223,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686095963626743,"flow_src_last_pkt_time":1686095963626743,"flow_dst_last_pkt_time":1686095963626743,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686100690494262,"l3_proto":"ip4","src_ip":"173.49.159.50","dst_ip":"74.111.203.55","src_port":54834,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":228,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":228,"packets-processed":227,"total-skipped-flows":0,"total-l4-payload-len":11923,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":224,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":224,"total-idle-flows":223,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1084,"global_ts_usec":1686102050692991} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":228,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":225,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102050692991,"flow_src_last_pkt_time":1686102050692991,"flow_dst_last_pkt_time":1686102050692991,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102050692991,"l3_proto":"ip4","src_ip":"64.56.203.178","dst_ip":"74.111.203.55","src_port":42341,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":228,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":225,"flow_packet_id":1,"flow_src_last_pkt_time":1686102050692991,"flow_dst_last_pkt_time":1686102050692991,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686102050692991,"pkt":"ipffLU2SPJTVQTiBCABFAAA+KfdAADQRdt1AOMuySm\/LN6VlAasAKiQrAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":228,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":225,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102050692991,"flow_src_last_pkt_time":1686102050692991,"flow_dst_last_pkt_time":1686102050692991,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102050692991,"l3_proto":"ip4","src_ip":"64.56.203.178","dst_ip":"74.111.203.55","src_port":42341,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":224,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686100690494262,"flow_src_last_pkt_time":1686100690494262,"flow_dst_last_pkt_time":1686100690494262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102050692991,"l3_proto":"ip4","src_ip":"206.17.216.171","dst_ip":"69.109.187.54","src_port":53625,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":229,"packets-processed":228,"total-skipped-flows":0,"total-l4-payload-len":11957,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":225,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":225,"total-idle-flows":224,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1089,"global_ts_usec":1686102672425183} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102672425183,"flow_src_last_pkt_time":1686102672425183,"flow_dst_last_pkt_time":1686102672425183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102672425183,"l3_proto":"ip4","src_ip":"166.70.59.181","dst_ip":"90.111.212.50","src_port":46093,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":226,"flow_packet_id":1,"flow_src_last_pkt_time":1686102672425183,"flow_dst_last_pkt_time":1686102672425183,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686102672425183,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+Lo9AADQRckmmRju1Wm\/UMrQNAasAKhWHAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102672425183,"flow_src_last_pkt_time":1686102672425183,"flow_dst_last_pkt_time":1686102672425183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102672425183,"l3_proto":"ip4","src_ip":"166.70.59.181","dst_ip":"90.111.212.50","src_port":46093,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":230,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":225,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102050692991,"flow_src_last_pkt_time":1686102050692991,"flow_dst_last_pkt_time":1686102050692991,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102672425183,"l3_proto":"ip4","src_ip":"64.56.203.178","dst_ip":"74.111.203.55","src_port":42341,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":230,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102752175886,"flow_src_last_pkt_time":1686102752175886,"flow_dst_last_pkt_time":1686102752175886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102752175886,"l3_proto":"ip4","src_ip":"167.185.203.175","dst_ip":"165.144.84.62","src_port":8162,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":230,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":227,"flow_packet_id":1,"flow_src_last_pkt_time":1686102752175886,"flow_dst_last_pkt_time":1686102752175886,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686102752175886,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+TxNAADQRUb6nucuvpZBUPh\/iAasAKqmrAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":230,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102752175886,"flow_src_last_pkt_time":1686102752175886,"flow_dst_last_pkt_time":1686102752175886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102752175886,"l3_proto":"ip4","src_ip":"167.185.203.175","dst_ip":"165.144.84.62","src_port":8162,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":231,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102672425183,"flow_src_last_pkt_time":1686102672425183,"flow_dst_last_pkt_time":1686102672425183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102752175886,"l3_proto":"ip4","src_ip":"166.70.59.181","dst_ip":"90.111.212.50","src_port":46093,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":231,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102873592315,"flow_src_last_pkt_time":1686102873592315,"flow_dst_last_pkt_time":1686102873592315,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102873592315,"l3_proto":"ip4","src_ip":"33.26.187.87","dst_ip":"90.141.37.56","src_port":52761,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":231,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":228,"flow_packet_id":1,"flow_src_last_pkt_time":1686102873592315,"flow_dst_last_pkt_time":1686102873592315,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686102873592315,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPkRbYMhGrtXWo0lOM4ZAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":231,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102873592315,"flow_src_last_pkt_time":1686102873592315,"flow_dst_last_pkt_time":1686102873592315,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102873592315,"l3_proto":"ip4","src_ip":"33.26.187.87","dst_ip":"90.141.37.56","src_port":52761,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":232,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102672425183,"flow_src_last_pkt_time":1686102672425183,"flow_dst_last_pkt_time":1686102672425183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102873592315,"l3_proto":"ip4","src_ip":"166.70.59.181","dst_ip":"90.111.212.50","src_port":46093,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":232,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102752175886,"flow_src_last_pkt_time":1686102752175886,"flow_dst_last_pkt_time":1686102752175886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102873592315,"l3_proto":"ip4","src_ip":"167.185.203.175","dst_ip":"165.144.84.62","src_port":8162,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":232,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":229,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686103038730179,"flow_src_last_pkt_time":1686103038730179,"flow_dst_last_pkt_time":1686103038730179,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103038730179,"l3_proto":"ip4","src_ip":"88.192.213.176","dst_ip":"165.114.202.61","src_port":63574,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":232,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":229,"flow_packet_id":1,"flow_src_last_pkt_time":1686103038730179,"flow_dst_last_pkt_time":1686103038730179,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686103038730179,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+uvhAADQR5dBYwNWwpXLKPfhWAasAKtEuAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":232,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":229,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686103038730179,"flow_src_last_pkt_time":1686103038730179,"flow_dst_last_pkt_time":1686103038730179,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103038730179,"l3_proto":"ip4","src_ip":"88.192.213.176","dst_ip":"165.114.202.61","src_port":63574,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":233,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102752175886,"flow_src_last_pkt_time":1686102752175886,"flow_dst_last_pkt_time":1686102752175886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103038730179,"l3_proto":"ip4","src_ip":"167.185.203.175","dst_ip":"165.144.84.62","src_port":8162,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":233,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102873592315,"flow_src_last_pkt_time":1686102873592315,"flow_dst_last_pkt_time":1686102873592315,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103038730179,"l3_proto":"ip4","src_ip":"33.26.187.87","dst_ip":"90.141.37.56","src_port":52761,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":233,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":230,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686103250321132,"flow_src_last_pkt_time":1686103250321132,"flow_dst_last_pkt_time":1686103250321132,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103250321132,"l3_proto":"ip4","src_ip":"184.199.219.188","dst_ip":"90.141.37.56","src_port":30639,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":233,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":230,"flow_packet_id":1,"flow_src_last_pkt_time":1686103250321132,"flow_dst_last_pkt_time":1686103250321132,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686103250321132,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+W5pAADQRRS+4x9u8Wo0lOHevAasAKlHWAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":233,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":230,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686103250321132,"flow_src_last_pkt_time":1686103250321132,"flow_dst_last_pkt_time":1686103250321132,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103250321132,"l3_proto":"ip4","src_ip":"184.199.219.188","dst_ip":"90.141.37.56","src_port":30639,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":229,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686103038730179,"flow_src_last_pkt_time":1686103038730179,"flow_dst_last_pkt_time":1686103038730179,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103250321132,"l3_proto":"ip4","src_ip":"88.192.213.176","dst_ip":"165.114.202.61","src_port":63574,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102873592315,"flow_src_last_pkt_time":1686102873592315,"flow_dst_last_pkt_time":1686102873592315,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103250321132,"l3_proto":"ip4","src_ip":"33.26.187.87","dst_ip":"90.141.37.56","src_port":52761,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":234,"packets-processed":233,"total-skipped-flows":0,"total-l4-payload-len":12122,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":230,"total-detection-updates":0,"total-updates":42,"current-active-flows":1,"total-active-flows":230,"total-idle-flows":229,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1113,"global_ts_usec":1686103373634504} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":231,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686103373634504,"flow_src_last_pkt_time":1686103373634504,"flow_dst_last_pkt_time":1686103373634504,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103373634504,"l3_proto":"ip4","src_ip":"166.199.219.182","dst_ip":"69.109.187.54","src_port":28881,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":231,"flow_packet_id":1,"flow_src_last_pkt_time":1686103373634504,"flow_dst_last_pkt_time":1686103373634504,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686103373634504,"pkt":"bpHurUgdPJTVQTiBCABFAAA+HIVAADQRhFKmx9u2RW27NnDRAasAKljCAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":231,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686103373634504,"flow_src_last_pkt_time":1686103373634504,"flow_dst_last_pkt_time":1686103373634504,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103373634504,"l3_proto":"ip4","src_ip":"166.199.219.182","dst_ip":"69.109.187.54","src_port":28881,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":235,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":230,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686103250321132,"flow_src_last_pkt_time":1686103250321132,"flow_dst_last_pkt_time":1686103250321132,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103373634504,"l3_proto":"ip4","src_ip":"184.199.219.188","dst_ip":"90.141.37.56","src_port":30639,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":235,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":235,"packets-processed":234,"total-skipped-flows":0,"total-l4-payload-len":12156,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":231,"total-detection-updates":0,"total-updates":43,"current-active-flows":2,"total-active-flows":231,"total-idle-flows":229,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1118,"global_ts_usec":1686104038936046} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":235,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104038936046,"flow_src_last_pkt_time":1686104038936046,"flow_dst_last_pkt_time":1686104038936046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104038936046,"l3_proto":"ip4","src_ip":"95.64.196.186","dst_ip":"186.112.202.53","src_port":18841,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":235,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":232,"flow_packet_id":1,"flow_src_last_pkt_time":1686104038936046,"flow_dst_last_pkt_time":1686104038936046,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686104038936046,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+0DtAADQR0JFfQMS6unDKNUmZAasAKn\/wAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":235,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104038936046,"flow_src_last_pkt_time":1686104038936046,"flow_dst_last_pkt_time":1686104038936046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104038936046,"l3_proto":"ip4","src_ip":"95.64.196.186","dst_ip":"186.112.202.53","src_port":18841,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":236,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":230,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686103250321132,"flow_src_last_pkt_time":1686103250321132,"flow_dst_last_pkt_time":1686103250321132,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104038936046,"l3_proto":"ip4","src_ip":"184.199.219.188","dst_ip":"90.141.37.56","src_port":30639,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":236,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":231,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686103373634504,"flow_src_last_pkt_time":1686103373634504,"flow_dst_last_pkt_time":1686103373634504,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104038936046,"l3_proto":"ip4","src_ip":"166.199.219.182","dst_ip":"69.109.187.54","src_port":28881,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":236,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104544084969,"flow_src_last_pkt_time":1686104544084969,"flow_dst_last_pkt_time":1686104544084969,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104544084969,"l3_proto":"ip4","src_ip":"88.63.218.184","dst_ip":"90.145.180.58","src_port":51027,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":236,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":233,"flow_packet_id":1,"flow_src_last_pkt_time":1686104544084969,"flow_dst_last_pkt_time":1686104544084969,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686104544084969,"pkt":"bs1PogZtPJTVQTiBCABFAAA+LfFAADQRctlYP9q4WpG0OsdTAasAKgIzAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":236,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104544084969,"flow_src_last_pkt_time":1686104544084969,"flow_dst_last_pkt_time":1686104544084969,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104544084969,"l3_proto":"ip4","src_ip":"88.63.218.184","dst_ip":"90.145.180.58","src_port":51027,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":237,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104038936046,"flow_src_last_pkt_time":1686104038936046,"flow_dst_last_pkt_time":1686104038936046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104544084969,"l3_proto":"ip4","src_ip":"95.64.196.186","dst_ip":"186.112.202.53","src_port":18841,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":237,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":237,"packets-processed":236,"total-skipped-flows":0,"total-l4-payload-len":12224,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":233,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":233,"total-idle-flows":232,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1128,"global_ts_usec":1686104819369835} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":237,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104819369835,"flow_src_last_pkt_time":1686104819369835,"flow_dst_last_pkt_time":1686104819369835,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104819369835,"l3_proto":"ip4","src_ip":"71.64.36.183","dst_ip":"85.111.52.57","src_port":57381,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":237,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":234,"flow_packet_id":1,"flow_src_last_pkt_time":1686104819369835,"flow_dst_last_pkt_time":1686104819369835,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686104819369835,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+9FFAADQRrIJHQCS3VW80OeAlAasAKulqAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":237,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104819369835,"flow_src_last_pkt_time":1686104819369835,"flow_dst_last_pkt_time":1686104819369835,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104819369835,"l3_proto":"ip4","src_ip":"71.64.36.183","dst_ip":"85.111.52.57","src_port":57381,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":238,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104544084969,"flow_src_last_pkt_time":1686104544084969,"flow_dst_last_pkt_time":1686104544084969,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104819369835,"l3_proto":"ip4","src_ip":"88.63.218.184","dst_ip":"90.145.180.58","src_port":51027,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":238,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":238,"packets-processed":237,"total-skipped-flows":0,"total-l4-payload-len":12258,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":234,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":234,"total-idle-flows":233,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1133,"global_ts_usec":1686109686670972} +00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":238,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686109686670972,"flow_src_last_pkt_time":1686109686670972,"flow_dst_last_pkt_time":1686109686670972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686109686670972,"l3_proto":"ip4","src_ip":"165.211.188.239","dst_ip":"165.114.202.61","src_port":50862,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":238,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":235,"flow_packet_id":1,"flow_src_last_pkt_time":1686109686670972,"flow_dst_last_pkt_time":1686109686670972,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686109686670972,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbeWl07zvpXLKPcauAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":238,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686109686670972,"flow_src_last_pkt_time":1686109686670972,"flow_dst_last_pkt_time":1686109686670972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686109686670972,"l3_proto":"ip4","src_ip":"165.211.188.239","dst_ip":"165.114.202.61","src_port":50862,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":239,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104819369835,"flow_src_last_pkt_time":1686104819369835,"flow_dst_last_pkt_time":1686104819369835,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686109686670972,"l3_proto":"ip4","src_ip":"71.64.36.183","dst_ip":"85.111.52.57","src_port":57381,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":239,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":239,"packets-processed":238,"total-skipped-flows":0,"total-l4-payload-len":12287,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":235,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":235,"total-idle-flows":234,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1138,"global_ts_usec":1686115314323562} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":239,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686115314323562,"flow_src_last_pkt_time":1686115314323562,"flow_dst_last_pkt_time":1686115314323562,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686115314323562,"l3_proto":"ip4","src_ip":"31.0.154.114","dst_ip":"90.141.37.56","src_port":31214,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":239,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":236,"flow_packet_id":1,"flow_src_last_pkt_time":1686115314323562,"flow_dst_last_pkt_time":1686115314323562,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686115314323562,"pkt":"3jHC4dyOPJTVQTiBCABFCABLy\/0AACIR\/qsfAJpyWo0lOHnuAasAN6fVAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":239,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686115314323562,"flow_src_last_pkt_time":1686115314323562,"flow_dst_last_pkt_time":1686115314323562,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686115314323562,"l3_proto":"ip4","src_ip":"31.0.154.114","dst_ip":"90.141.37.56","src_port":31214,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":240,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686109686670972,"flow_src_last_pkt_time":1686109686670972,"flow_dst_last_pkt_time":1686109686670972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686115314323562,"l3_proto":"ip4","src_ip":"165.211.188.239","dst_ip":"165.114.202.61","src_port":50862,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":240,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":240,"packets-processed":239,"total-skipped-flows":0,"total-l4-payload-len":12334,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":236,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":236,"total-idle-flows":235,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1143,"global_ts_usec":1686120842599135} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":240,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":237,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686120842599135,"flow_src_last_pkt_time":1686120842599135,"flow_dst_last_pkt_time":1686120842599135,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686120842599135,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"165.144.84.62","src_port":19055,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":240,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":237,"flow_packet_id":1,"flow_src_last_pkt_time":1686120842599135,"flow_dst_last_pkt_time":1686120842599135,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686120842599135,"pkt":"AAwp30Y4PJTVQTiBCABFAABLInYAACcRsKcid3p+pZBUPkpvAasAN+TAAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":240,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":237,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686120842599135,"flow_src_last_pkt_time":1686120842599135,"flow_dst_last_pkt_time":1686120842599135,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686120842599135,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"165.144.84.62","src_port":19055,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":241,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686115314323562,"flow_src_last_pkt_time":1686115314323562,"flow_dst_last_pkt_time":1686115314323562,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686120842599135,"l3_proto":"ip4","src_ip":"31.0.154.114","dst_ip":"90.141.37.56","src_port":31214,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":241,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686121348877532,"flow_src_last_pkt_time":1686121348877532,"flow_dst_last_pkt_time":1686121348877532,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686121348877532,"l3_proto":"ip4","src_ip":"89.214.56.129","dst_ip":"85.111.52.57","src_port":50635,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":241,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":238,"flow_packet_id":1,"flow_src_last_pkt_time":1686121348877532,"flow_dst_last_pkt_time":1686121348877532,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686121348877532,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPoRbQ1Z1jiBVW80OcXLAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":241,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686121348877532,"flow_src_last_pkt_time":1686121348877532,"flow_dst_last_pkt_time":1686121348877532,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686121348877532,"l3_proto":"ip4","src_ip":"89.214.56.129","dst_ip":"85.111.52.57","src_port":50635,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":242,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":237,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686120842599135,"flow_src_last_pkt_time":1686120842599135,"flow_dst_last_pkt_time":1686120842599135,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686121348877532,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"165.144.84.62","src_port":19055,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":242,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":242,"packets-processed":241,"total-skipped-flows":0,"total-l4-payload-len":12410,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":238,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":238,"total-idle-flows":237,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1152,"global_ts_usec":1686122375311586} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":242,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686122375311586,"flow_src_last_pkt_time":1686122375311586,"flow_dst_last_pkt_time":1686122375311586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686122375311586,"l3_proto":"ip4","src_ip":"193.209.38.96","dst_ip":"90.111.212.50","src_port":56783,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":242,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":239,"flow_packet_id":1,"flow_src_last_pkt_time":1686122375311586,"flow_dst_last_pkt_time":1686122375311586,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686122375311586,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbJLB0SZgWm\/UMt3PAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":242,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686122375311586,"flow_src_last_pkt_time":1686122375311586,"flow_dst_last_pkt_time":1686122375311586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686122375311586,"l3_proto":"ip4","src_ip":"193.209.38.96","dst_ip":"90.111.212.50","src_port":56783,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":243,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686121348877532,"flow_src_last_pkt_time":1686121348877532,"flow_dst_last_pkt_time":1686121348877532,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686122375311586,"l3_proto":"ip4","src_ip":"89.214.56.129","dst_ip":"85.111.52.57","src_port":50635,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":243,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":243,"packets-processed":242,"total-skipped-flows":0,"total-l4-payload-len":12439,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":239,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":239,"total-idle-flows":238,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1157,"global_ts_usec":1686127609854442} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":243,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686127609854442,"flow_src_last_pkt_time":1686127609854442,"flow_dst_last_pkt_time":1686127609854442,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686127609854442,"l3_proto":"ip4","src_ip":"34.16.223.107","dst_ip":"165.144.84.62","src_port":49482,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":243,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":240,"flow_packet_id":1,"flow_src_last_pkt_time":1686127609854442,"flow_dst_last_pkt_time":1686127609854442,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686127609854442,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbJQiEN9rpZBUPsFKAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01077{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":243,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686127609854442,"flow_src_last_pkt_time":1686127609854442,"flow_dst_last_pkt_time":1686127609854442,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686127609854442,"l3_proto":"ip4","src_ip":"34.16.223.107","dst_ip":"165.144.84.62","src_port":49482,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":244,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686122375311586,"flow_src_last_pkt_time":1686122375311586,"flow_dst_last_pkt_time":1686122375311586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686127609854442,"l3_proto":"ip4","src_ip":"193.209.38.96","dst_ip":"90.111.212.50","src_port":56783,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":244,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":244,"packets-processed":243,"total-skipped-flows":0,"total-l4-payload-len":12468,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":240,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":240,"total-idle-flows":239,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1162,"global_ts_usec":1686147000405705} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":244,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686147000405705,"flow_src_last_pkt_time":1686147000405705,"flow_dst_last_pkt_time":1686147000405705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686147000405705,"l3_proto":"ip4","src_ip":"235.96.127.30","dst_ip":"165.144.84.62","src_port":30596,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":244,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":241,"flow_packet_id":1,"flow_src_last_pkt_time":1686147000405705,"flow_dst_last_pkt_time":1686147000405705,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686147000405705,"pkt":"AAwp30Y4PJTVQTiBCABFAABSc4QAADIRDzbrYH8epZBUPneEAasAPgRJAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":244,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686147000405705,"flow_src_last_pkt_time":1686147000405705,"flow_dst_last_pkt_time":1686147000405705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686147000405705,"l3_proto":"ip4","src_ip":"235.96.127.30","dst_ip":"165.144.84.62","src_port":30596,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":245,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":241,"flow_packet_id":2,"flow_src_last_pkt_time":1686147000405720,"flow_dst_last_pkt_time":1686147000405705,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686147000405720,"pkt":"AAwp30Y4PJTVQTiBCABFAABSc4QAADIRDzbrYH8epZBUPneEAasAPgRJAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01116{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":246,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686127609854442,"flow_src_last_pkt_time":1686127609854442,"flow_dst_last_pkt_time":1686127609854442,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686147000405720,"l3_proto":"ip4","src_ip":"34.16.223.107","dst_ip":"165.144.84.62","src_port":49482,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":246,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":246,"packets-processed":245,"total-skipped-flows":0,"total-l4-payload-len":12576,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":241,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":241,"total-idle-flows":240,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1168,"global_ts_usec":1686148169982093} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":246,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686148169982093,"flow_src_last_pkt_time":1686148169982093,"flow_dst_last_pkt_time":1686148169982093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686148169982093,"l3_proto":"ip4","src_ip":"154.96.5.121","dst_ip":"74.111.203.55","src_port":30879,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":246,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":242,"flow_packet_id":1,"flow_src_last_pkt_time":1686148169982093,"flow_dst_last_pkt_time":1686148169982093,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686148169982093,"pkt":"ipffLU2SPJTVQTiBCABFAABL+PEAACcR2jmaYAV5Sm\/LN3ifAasAN7aeAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":246,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686148169982093,"flow_src_last_pkt_time":1686148169982093,"flow_dst_last_pkt_time":1686148169982093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686148169982093,"l3_proto":"ip4","src_ip":"154.96.5.121","dst_ip":"74.111.203.55","src_port":30879,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":247,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1686147000405705,"flow_src_last_pkt_time":1686147000405720,"flow_dst_last_pkt_time":1686147000405705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":108,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686148169982093,"l3_proto":"ip4","src_ip":"235.96.127.30","dst_ip":"165.144.84.62","src_port":30596,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":247,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":247,"packets-processed":246,"total-skipped-flows":0,"total-l4-payload-len":12623,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":242,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":242,"total-idle-flows":241,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1173,"global_ts_usec":1686150111716704} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":247,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686150111716704,"flow_src_last_pkt_time":1686150111716704,"flow_dst_last_pkt_time":1686150111716704,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686150111716704,"l3_proto":"ip4","src_ip":"208.123.176.154","dst_ip":"90.141.37.56","src_port":53775,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":247,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":243,"flow_packet_id":1,"flow_src_last_pkt_time":1686150111716704,"flow_dst_last_pkt_time":1686150111716704,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686150111716704,"pkt":"3jHC4dyOPJTVQTiBCABFAAB+1DEAAPIRpS\/Qe7CaWo0lONIPAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":247,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686150111716704,"flow_src_last_pkt_time":1686150111716704,"flow_dst_last_pkt_time":1686150111716704,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686150111716704,"l3_proto":"ip4","src_ip":"208.123.176.154","dst_ip":"90.141.37.56","src_port":53775,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":248,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686148169982093,"flow_src_last_pkt_time":1686148169982093,"flow_dst_last_pkt_time":1686148169982093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686150111716704,"l3_proto":"ip4","src_ip":"154.96.5.121","dst_ip":"74.111.203.55","src_port":30879,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":248,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":248,"packets-processed":247,"total-skipped-flows":0,"total-l4-payload-len":12721,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":243,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":243,"total-idle-flows":242,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1178,"global_ts_usec":1686151018568427} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":248,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686151018568427,"flow_src_last_pkt_time":1686151018568427,"flow_dst_last_pkt_time":1686151018568427,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686151018568427,"l3_proto":"ip4","src_ip":"236.131.82.145","dst_ip":"69.109.187.54","src_port":40660,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":248,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":244,"flow_packet_id":1,"flow_src_last_pkt_time":1686151018568427,"flow_dst_last_pkt_time":1686151018568427,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686151018568427,"pkt":"bpHurUgdPJTVQTiBCABFAAB+1DEAAPMRpSvsg1KRRW27Np7UAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":248,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686151018568427,"flow_src_last_pkt_time":1686151018568427,"flow_dst_last_pkt_time":1686151018568427,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686151018568427,"l3_proto":"ip4","src_ip":"236.131.82.145","dst_ip":"69.109.187.54","src_port":40660,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":249,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686150111716704,"flow_src_last_pkt_time":1686150111716704,"flow_dst_last_pkt_time":1686150111716704,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686151018568427,"l3_proto":"ip4","src_ip":"208.123.176.154","dst_ip":"90.141.37.56","src_port":53775,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":249,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":249,"packets-processed":248,"total-skipped-flows":0,"total-l4-payload-len":12819,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":244,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":244,"total-idle-flows":243,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1183,"global_ts_usec":1686152692161183} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":249,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686152692161183,"flow_src_last_pkt_time":1686152692161183,"flow_dst_last_pkt_time":1686152692161183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686152692161183,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"74.111.203.55","src_port":47749,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":249,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":245,"flow_packet_id":1,"flow_src_last_pkt_time":1686152692161183,"flow_dst_last_pkt_time":1686152692161183,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686152692161183,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAPIRpTITnLybSm\/LN7qFAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":249,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686152692161183,"flow_src_last_pkt_time":1686152692161183,"flow_dst_last_pkt_time":1686152692161183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686152692161183,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"74.111.203.55","src_port":47749,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":250,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686151018568427,"flow_src_last_pkt_time":1686151018568427,"flow_dst_last_pkt_time":1686151018568427,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686152692161183,"l3_proto":"ip4","src_ip":"236.131.82.145","dst_ip":"69.109.187.54","src_port":40660,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":250,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686152794742928,"flow_src_last_pkt_time":1686152794742928,"flow_dst_last_pkt_time":1686152794742928,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686152794742928,"l3_proto":"ip4","src_ip":"237.132.176.136","dst_ip":"165.144.84.62","src_port":34418,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":250,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":246,"flow_packet_id":1,"flow_src_last_pkt_time":1686152794742928,"flow_dst_last_pkt_time":1686152794742928,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686152794742928,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPIRpSDthLCIpZBUPoZyAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":250,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686152794742928,"flow_src_last_pkt_time":1686152794742928,"flow_dst_last_pkt_time":1686152794742928,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686152794742928,"l3_proto":"ip4","src_ip":"237.132.176.136","dst_ip":"165.144.84.62","src_port":34418,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":251,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686152692161183,"flow_src_last_pkt_time":1686152692161183,"flow_dst_last_pkt_time":1686152692161183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686152794742928,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"74.111.203.55","src_port":47749,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":251,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":251,"packets-processed":250,"total-skipped-flows":0,"total-l4-payload-len":13015,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":246,"total-detection-updates":0,"total-updates":44,"current-active-flows":2,"total-active-flows":246,"total-idle-flows":244,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1192,"global_ts_usec":1686157605088607} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":251,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686157605088607,"flow_src_last_pkt_time":1686157605088607,"flow_dst_last_pkt_time":1686157605088607,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686157605088607,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"165.114.202.61","src_port":55189,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":251,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":247,"flow_packet_id":1,"flow_src_last_pkt_time":1686157605088607,"flow_dst_last_pkt_time":1686157605088607,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686157605088607,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAPARqCUtfJOcpXLKPdeVAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":251,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686157605088607,"flow_src_last_pkt_time":1686157605088607,"flow_dst_last_pkt_time":1686157605088607,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686157605088607,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"165.114.202.61","src_port":55189,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":252,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686152794742928,"flow_src_last_pkt_time":1686152794742928,"flow_dst_last_pkt_time":1686152794742928,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686157605088607,"l3_proto":"ip4","src_ip":"237.132.176.136","dst_ip":"165.144.84.62","src_port":34418,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":252,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686152692161183,"flow_src_last_pkt_time":1686152692161183,"flow_dst_last_pkt_time":1686152692161183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686157605088607,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"74.111.203.55","src_port":47749,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":252,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":252,"packets-processed":251,"total-skipped-flows":0,"total-l4-payload-len":13113,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":247,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":247,"total-idle-flows":246,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1198,"global_ts_usec":1686158302309017} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":252,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686158302309017,"flow_src_last_pkt_time":1686158302309017,"flow_dst_last_pkt_time":1686158302309017,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686158302309017,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"90.145.180.58","src_port":37873,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":252,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":248,"flow_packet_id":1,"flow_src_last_pkt_time":1686158302309017,"flow_dst_last_pkt_time":1686158302309017,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686158302309017,"pkt":"bs1PogZtPJTVQTiBCABFAAB+1DEAAO8RDclGtG\/xWpG0OpPxAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":252,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686158302309017,"flow_src_last_pkt_time":1686158302309017,"flow_dst_last_pkt_time":1686158302309017,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686158302309017,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"90.145.180.58","src_port":37873,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":253,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686157605088607,"flow_src_last_pkt_time":1686157605088607,"flow_dst_last_pkt_time":1686157605088607,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686158302309017,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"165.114.202.61","src_port":55189,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":253,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":253,"packets-processed":252,"total-skipped-flows":0,"total-l4-payload-len":13211,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":248,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":248,"total-idle-flows":247,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1203,"global_ts_usec":1686159210157364} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":253,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686159210157364,"flow_src_last_pkt_time":1686159210157364,"flow_dst_last_pkt_time":1686159210157364,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686159210157364,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"90.111.212.50","src_port":50527,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":253,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":249,"flow_packet_id":1,"flow_src_last_pkt_time":1686159210157364,"flow_dst_last_pkt_time":1686159210157364,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686159210157364,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAPARqCwve7GaWm\/UMsVfAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":253,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686159210157364,"flow_src_last_pkt_time":1686159210157364,"flow_dst_last_pkt_time":1686159210157364,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686159210157364,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"90.111.212.50","src_port":50527,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":254,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686158302309017,"flow_src_last_pkt_time":1686158302309017,"flow_dst_last_pkt_time":1686158302309017,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686159210157364,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"90.145.180.58","src_port":37873,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":254,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":254,"packets-processed":253,"total-skipped-flows":0,"total-l4-payload-len":13309,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":249,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":249,"total-idle-flows":248,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1208,"global_ts_usec":1686164441587309} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":254,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686164441587309,"flow_src_last_pkt_time":1686164441587309,"flow_dst_last_pkt_time":1686164441587309,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686164441587309,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"74.111.203.55","src_port":22596,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":254,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":250,"flow_packet_id":1,"flow_src_last_pkt_time":1686164441587309,"flow_dst_last_pkt_time":1686164441587309,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686164441587309,"pkt":"ipffLU2SPJTVQTiBCABFCABLFfMAACIRtMTjx1p6Sm\/LN1hEAasAN8mNAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":254,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686164441587309,"flow_src_last_pkt_time":1686164441587309,"flow_dst_last_pkt_time":1686164441587309,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686164441587309,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"74.111.203.55","src_port":22596,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":255,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686159210157364,"flow_src_last_pkt_time":1686159210157364,"flow_dst_last_pkt_time":1686159210157364,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686164441587309,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"90.111.212.50","src_port":50527,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":255,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":255,"packets-processed":254,"total-skipped-flows":0,"total-l4-payload-len":13356,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":250,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":250,"total-idle-flows":249,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1213,"global_ts_usec":1686172962599222} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":255,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686172962599222,"flow_src_last_pkt_time":1686172962599222,"flow_dst_last_pkt_time":1686172962599222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686172962599222,"l3_proto":"ip4","src_ip":"161.45.5.172","dst_ip":"90.147.171.51","src_port":56443,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":255,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":251,"flow_packet_id":1,"flow_src_last_pkt_time":1686172962599222,"flow_dst_last_pkt_time":1686172962599222,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686172962599222,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbgWhLQWsWpOrM9x7AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":255,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686172962599222,"flow_src_last_pkt_time":1686172962599222,"flow_dst_last_pkt_time":1686172962599222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686172962599222,"l3_proto":"ip4","src_ip":"161.45.5.172","dst_ip":"90.147.171.51","src_port":56443,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686164441587309,"flow_src_last_pkt_time":1686164441587309,"flow_dst_last_pkt_time":1686164441587309,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686172962599222,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"74.111.203.55","src_port":22596,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":256,"packets-processed":255,"total-skipped-flows":0,"total-l4-payload-len":13385,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":251,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":251,"total-idle-flows":250,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1218,"global_ts_usec":1686178920053120} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686178920053120,"flow_src_last_pkt_time":1686178920053120,"flow_dst_last_pkt_time":1686178920053120,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686178920053120,"l3_proto":"ip4","src_ip":"66.24.225.77","dst_ip":"85.111.52.57","src_port":55319,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":252,"flow_packet_id":1,"flow_src_last_pkt_time":1686178920053120,"flow_dst_last_pkt_time":1686178920053120,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686178920053120,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRbXhCGOFNVW80OdgXAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686178920053120,"flow_src_last_pkt_time":1686178920053120,"flow_dst_last_pkt_time":1686178920053120,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686178920053120,"l3_proto":"ip4","src_ip":"66.24.225.77","dst_ip":"85.111.52.57","src_port":55319,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686172962599222,"flow_src_last_pkt_time":1686172962599222,"flow_dst_last_pkt_time":1686172962599222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686178920053120,"l3_proto":"ip4","src_ip":"161.45.5.172","dst_ip":"90.147.171.51","src_port":56443,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":257,"packets-processed":256,"total-skipped-flows":0,"total-l4-payload-len":13414,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":252,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":252,"total-idle-flows":251,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1223,"global_ts_usec":1686182909163488} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686182909163488,"flow_src_last_pkt_time":1686182909163488,"flow_dst_last_pkt_time":1686182909163488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686182909163488,"l3_proto":"ip4","src_ip":"88.56.155.126","dst_ip":"186.112.202.53","src_port":14639,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":253,"flow_packet_id":1,"flow_src_last_pkt_time":1686182909163488,"flow_dst_last_pkt_time":1686182909163488,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686182909163488,"pkt":"xmjqc4OdPJTVQTiBCABFCABLnDYAACIRLnxYOJt+unDKNTkvAasAN+idAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686182909163488,"flow_src_last_pkt_time":1686182909163488,"flow_dst_last_pkt_time":1686182909163488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686182909163488,"l3_proto":"ip4","src_ip":"88.56.155.126","dst_ip":"186.112.202.53","src_port":14639,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":258,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686178920053120,"flow_src_last_pkt_time":1686178920053120,"flow_dst_last_pkt_time":1686178920053120,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686182909163488,"l3_proto":"ip4","src_ip":"66.24.225.77","dst_ip":"85.111.52.57","src_port":55319,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":258,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":258,"packets-processed":257,"total-skipped-flows":0,"total-l4-payload-len":13461,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":253,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":253,"total-idle-flows":252,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1228,"global_ts_usec":1686186373659453} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":258,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686186373659453,"flow_src_last_pkt_time":1686186373659453,"flow_dst_last_pkt_time":1686186373659453,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686186373659453,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"69.109.187.54","src_port":15055,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":258,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":254,"flow_packet_id":1,"flow_src_last_pkt_time":1686186373659453,"flow_dst_last_pkt_time":1686186373659453,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686186373659453,"pkt":"bpHurUgdPJTVQTiBCABFCABLbu4AACIRW70j\/EVxRW27NjrPAasAN+b2AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":258,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686186373659453,"flow_src_last_pkt_time":1686186373659453,"flow_dst_last_pkt_time":1686186373659453,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686186373659453,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"69.109.187.54","src_port":15055,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":259,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686182909163488,"flow_src_last_pkt_time":1686182909163488,"flow_dst_last_pkt_time":1686182909163488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686186373659453,"l3_proto":"ip4","src_ip":"88.56.155.126","dst_ip":"186.112.202.53","src_port":14639,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":259,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":259,"packets-processed":258,"total-skipped-flows":0,"total-l4-payload-len":13508,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":254,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":254,"total-idle-flows":253,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1233,"global_ts_usec":1686188598232342} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":259,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686188598232342,"flow_src_last_pkt_time":1686188598232342,"flow_dst_last_pkt_time":1686188598232342,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686188598232342,"l3_proto":"ip4","src_ip":"93.22.25.240","dst_ip":"165.144.84.62","src_port":53557,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":259,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":255,"flow_packet_id":1,"flow_src_last_pkt_time":1686188598232342,"flow_dst_last_pkt_time":1686188598232342,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686188598232342,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbdZdFhnwpZBUPtE1AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":259,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686188598232342,"flow_src_last_pkt_time":1686188598232342,"flow_dst_last_pkt_time":1686188598232342,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686188598232342,"l3_proto":"ip4","src_ip":"93.22.25.240","dst_ip":"165.144.84.62","src_port":53557,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":260,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686186373659453,"flow_src_last_pkt_time":1686186373659453,"flow_dst_last_pkt_time":1686186373659453,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686188598232342,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"69.109.187.54","src_port":15055,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":260,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686188644341439,"flow_src_last_pkt_time":1686188644341439,"flow_dst_last_pkt_time":1686188644341439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686188644341439,"l3_proto":"ip4","src_ip":"94.46.221.227","dst_ip":"90.141.37.56","src_port":49978,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":260,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":256,"flow_packet_id":1,"flow_src_last_pkt_time":1686188644341439,"flow_dst_last_pkt_time":1686188644341439,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686188644341439,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPkRbd9eLt3jWo0lOMM6AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":260,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686188644341439,"flow_src_last_pkt_time":1686188644341439,"flow_dst_last_pkt_time":1686188644341439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686188644341439,"l3_proto":"ip4","src_ip":"94.46.221.227","dst_ip":"90.141.37.56","src_port":49978,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":261,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686188598232342,"flow_src_last_pkt_time":1686188598232342,"flow_dst_last_pkt_time":1686188598232342,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686188644341439,"l3_proto":"ip4","src_ip":"93.22.25.240","dst_ip":"165.144.84.62","src_port":53557,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":261,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686188964145763,"flow_src_last_pkt_time":1686188964145763,"flow_dst_last_pkt_time":1686188964145763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686188964145763,"l3_proto":"ip4","src_ip":"211.49.103.57","dst_ip":"69.109.187.54","src_port":55377,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":261,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":257,"flow_packet_id":1,"flow_src_last_pkt_time":1686188964145763,"flow_dst_last_pkt_time":1686188964145763,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686188964145763,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPkRX27TMWc5RW27NthRAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":261,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686188964145763,"flow_src_last_pkt_time":1686188964145763,"flow_dst_last_pkt_time":1686188964145763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686188964145763,"l3_proto":"ip4","src_ip":"211.49.103.57","dst_ip":"69.109.187.54","src_port":55377,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":262,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686188644341439,"flow_src_last_pkt_time":1686188644341439,"flow_dst_last_pkt_time":1686188644341439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686188964145763,"l3_proto":"ip4","src_ip":"94.46.221.227","dst_ip":"90.141.37.56","src_port":49978,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":262,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686188598232342,"flow_src_last_pkt_time":1686188598232342,"flow_dst_last_pkt_time":1686188598232342,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686188964145763,"l3_proto":"ip4","src_ip":"93.22.25.240","dst_ip":"165.144.84.62","src_port":53557,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":262,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":262,"packets-processed":261,"total-skipped-flows":0,"total-l4-payload-len":13595,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":257,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":257,"total-idle-flows":256,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1247,"global_ts_usec":1686189923950356} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":262,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686189923950356,"flow_src_last_pkt_time":1686189923950356,"flow_dst_last_pkt_time":1686189923950356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686189923950356,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"186.112.202.53","src_port":57227,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":262,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":258,"flow_packet_id":1,"flow_src_last_pkt_time":1686189923950356,"flow_dst_last_pkt_time":1686189923950356,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686189923950356,"pkt":"xmjqc4OdPJTVQTiBCABFCABS0+QAAGsRQrNDnxCWunDKNd+LAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":262,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686189923950356,"flow_src_last_pkt_time":1686189923950356,"flow_dst_last_pkt_time":1686189923950356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686189923950356,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"186.112.202.53","src_port":57227,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":263,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686188964145763,"flow_src_last_pkt_time":1686188964145763,"flow_dst_last_pkt_time":1686188964145763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686189923950356,"l3_proto":"ip4","src_ip":"211.49.103.57","dst_ip":"69.109.187.54","src_port":55377,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":263,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":263,"packets-processed":262,"total-skipped-flows":0,"total-l4-payload-len":13649,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":258,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":258,"total-idle-flows":257,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1252,"global_ts_usec":1686195826361567} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":263,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686195826361567,"flow_src_last_pkt_time":1686195826361567,"flow_dst_last_pkt_time":1686195826361567,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686195826361567,"l3_proto":"ip4","src_ip":"70.210.130.41","dst_ip":"186.112.202.53","src_port":50379,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":263,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":259,"flow_packet_id":1,"flow_src_last_pkt_time":1686195826361567,"flow_dst_last_pkt_time":1686195826361567,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686195826361567,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRbWRG0oIpunDKNcTLAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":263,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686195826361567,"flow_src_last_pkt_time":1686195826361567,"flow_dst_last_pkt_time":1686195826361567,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686195826361567,"l3_proto":"ip4","src_ip":"70.210.130.41","dst_ip":"186.112.202.53","src_port":50379,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":264,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686189923950356,"flow_src_last_pkt_time":1686189923950356,"flow_dst_last_pkt_time":1686189923950356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686195826361567,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"186.112.202.53","src_port":57227,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":264,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":264,"packets-processed":263,"total-skipped-flows":0,"total-l4-payload-len":13678,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":259,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":259,"total-idle-flows":258,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1257,"global_ts_usec":1686197444990656} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":264,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686197444990656,"flow_src_last_pkt_time":1686197444990656,"flow_dst_last_pkt_time":1686197444990656,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686197444990656,"l3_proto":"ip4","src_ip":"217.23.159.199","dst_ip":"74.111.203.55","src_port":54694,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":264,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":260,"flow_packet_id":1,"flow_src_last_pkt_time":1686197444990656,"flow_dst_last_pkt_time":1686197444990656,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686197444990656,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPkRbbfZF5\/HSm\/LN9WmAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":264,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686197444990656,"flow_src_last_pkt_time":1686197444990656,"flow_dst_last_pkt_time":1686197444990656,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686197444990656,"l3_proto":"ip4","src_ip":"217.23.159.199","dst_ip":"74.111.203.55","src_port":54694,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":265,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686195826361567,"flow_src_last_pkt_time":1686195826361567,"flow_dst_last_pkt_time":1686195826361567,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686197444990656,"l3_proto":"ip4","src_ip":"70.210.130.41","dst_ip":"186.112.202.53","src_port":50379,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":265,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":265,"packets-processed":264,"total-skipped-flows":0,"total-l4-payload-len":13707,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":260,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":260,"total-idle-flows":259,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1262,"global_ts_usec":1686200474358772} +00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":265,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686200474358772,"flow_src_last_pkt_time":1686200474358772,"flow_dst_last_pkt_time":1686200474358772,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686200474358772,"l3_proto":"ip4","src_ip":"208.243.248.212","dst_ip":"165.114.202.61","src_port":54962,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":265,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":261,"flow_packet_id":1,"flow_src_last_pkt_time":1686200474358772,"flow_dst_last_pkt_time":1686200474358772,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686200474358772,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXtfQ8\/jUpXLKPdayAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":265,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686200474358772,"flow_src_last_pkt_time":1686200474358772,"flow_dst_last_pkt_time":1686200474358772,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686200474358772,"l3_proto":"ip4","src_ip":"208.243.248.212","dst_ip":"165.114.202.61","src_port":54962,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":266,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686197444990656,"flow_src_last_pkt_time":1686197444990656,"flow_dst_last_pkt_time":1686197444990656,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686200474358772,"l3_proto":"ip4","src_ip":"217.23.159.199","dst_ip":"74.111.203.55","src_port":54694,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":266,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":266,"packets-processed":265,"total-skipped-flows":0,"total-l4-payload-len":13736,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":261,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":261,"total-idle-flows":260,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1267,"global_ts_usec":1686201624944069} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":266,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686201624944069,"flow_src_last_pkt_time":1686201624944069,"flow_dst_last_pkt_time":1686201624944069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686201624944069,"l3_proto":"ip4","src_ip":"42.224.153.12","dst_ip":"90.147.171.51","src_port":15346,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":266,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":262,"flow_packet_id":1,"flow_src_last_pkt_time":1686201624944069,"flow_dst_last_pkt_time":1686201624944069,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686201624944069,"pkt":"AAwp30Y4PJTVQTiBCABFAABSN\/IAADIRVuMq4JkMWpOrMzvyAasAPkv2AgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":266,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686201624944069,"flow_src_last_pkt_time":1686201624944069,"flow_dst_last_pkt_time":1686201624944069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686201624944069,"l3_proto":"ip4","src_ip":"42.224.153.12","dst_ip":"90.147.171.51","src_port":15346,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":267,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":262,"flow_packet_id":2,"flow_src_last_pkt_time":1686201624944084,"flow_dst_last_pkt_time":1686201624944069,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686201624944084,"pkt":"AAwp30Y4PJTVQTiBCABFAABSN\/IAADIRVuMq4JkMWpOrMzvyAasAPkv2AgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":268,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686200474358772,"flow_src_last_pkt_time":1686200474358772,"flow_dst_last_pkt_time":1686200474358772,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686201624944084,"l3_proto":"ip4","src_ip":"208.243.248.212","dst_ip":"165.114.202.61","src_port":54962,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":268,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":268,"packets-processed":267,"total-skipped-flows":0,"total-l4-payload-len":13844,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":262,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":262,"total-idle-flows":261,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1273,"global_ts_usec":1686204308831707} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":268,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686204308831707,"flow_src_last_pkt_time":1686204308831707,"flow_dst_last_pkt_time":1686204308831707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686204308831707,"l3_proto":"ip4","src_ip":"199.221.139.233","dst_ip":"90.145.180.58","src_port":45906,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":268,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":263,"flow_packet_id":1,"flow_src_last_pkt_time":1686204308831707,"flow_dst_last_pkt_time":1686204308831707,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686204308831707,"pkt":"bs1PogZtPJTVQTiBCABFAAA+UJNAADQREf\/H3YvpWpG0OrNSAasAKtf7AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":268,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686204308831707,"flow_src_last_pkt_time":1686204308831707,"flow_dst_last_pkt_time":1686204308831707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686204308831707,"l3_proto":"ip4","src_ip":"199.221.139.233","dst_ip":"90.145.180.58","src_port":45906,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":269,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1686201624944069,"flow_src_last_pkt_time":1686201624944084,"flow_dst_last_pkt_time":1686201624944069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":108,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686204308831707,"l3_proto":"ip4","src_ip":"42.224.153.12","dst_ip":"90.147.171.51","src_port":15346,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":269,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686204816985223,"flow_src_last_pkt_time":1686204816985223,"flow_dst_last_pkt_time":1686204816985223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686204816985223,"l3_proto":"ip4","src_ip":"246.237.99.253","dst_ip":"69.109.187.54","src_port":12689,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":269,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":264,"flow_packet_id":1,"flow_src_last_pkt_time":1686204816985223,"flow_dst_last_pkt_time":1686204816985223,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686204816985223,"pkt":"bpHurUgdPJTVQTiBCABFAAA++fVAADQRaIr27WP9RW27NjGRAasAKlmrAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":269,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686204816985223,"flow_src_last_pkt_time":1686204816985223,"flow_dst_last_pkt_time":1686204816985223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686204816985223,"l3_proto":"ip4","src_ip":"246.237.99.253","dst_ip":"69.109.187.54","src_port":12689,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":270,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686204308831707,"flow_src_last_pkt_time":1686204308831707,"flow_dst_last_pkt_time":1686204308831707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686204816985223,"l3_proto":"ip4","src_ip":"199.221.139.233","dst_ip":"90.145.180.58","src_port":45906,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":270,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":270,"packets-processed":269,"total-skipped-flows":0,"total-l4-payload-len":13912,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":264,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":264,"total-idle-flows":263,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1282,"global_ts_usec":1686205296905334} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":270,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686205296905334,"flow_src_last_pkt_time":1686205296905334,"flow_dst_last_pkt_time":1686205296905334,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686205296905334,"l3_proto":"ip4","src_ip":"247.45.112.206","dst_ip":"90.111.212.50","src_port":20029,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":270,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":265,"flow_packet_id":1,"flow_src_last_pkt_time":1686205296905334,"flow_dst_last_pkt_time":1686205296905334,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686205296905334,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+r0hAADQRsyX3LXDOWm\/UMk49AasAKjztAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":270,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686205296905334,"flow_src_last_pkt_time":1686205296905334,"flow_dst_last_pkt_time":1686205296905334,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686205296905334,"l3_proto":"ip4","src_ip":"247.45.112.206","dst_ip":"90.111.212.50","src_port":20029,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":271,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686204816985223,"flow_src_last_pkt_time":1686204816985223,"flow_dst_last_pkt_time":1686204816985223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686205296905334,"l3_proto":"ip4","src_ip":"246.237.99.253","dst_ip":"69.109.187.54","src_port":12689,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":271,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686205683745012,"flow_src_last_pkt_time":1686205683745012,"flow_dst_last_pkt_time":1686205683745012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686205683745012,"l3_proto":"ip4","src_ip":"56.174.92.201","dst_ip":"165.114.202.61","src_port":12782,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":271,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":266,"flow_packet_id":1,"flow_src_last_pkt_time":1686205683745012,"flow_dst_last_pkt_time":1686205683745012,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686205683745012,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+DX5AADQRVOE4rlzJpXLKPTHuAasAKlktAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":271,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686205683745012,"flow_src_last_pkt_time":1686205683745012,"flow_dst_last_pkt_time":1686205683745012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686205683745012,"l3_proto":"ip4","src_ip":"56.174.92.201","dst_ip":"165.114.202.61","src_port":12782,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":272,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686205296905334,"flow_src_last_pkt_time":1686205296905334,"flow_dst_last_pkt_time":1686205296905334,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686205683745012,"l3_proto":"ip4","src_ip":"247.45.112.206","dst_ip":"90.111.212.50","src_port":20029,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":272,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686205768491443,"flow_src_last_pkt_time":1686205768491443,"flow_dst_last_pkt_time":1686205768491443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686205768491443,"l3_proto":"ip4","src_ip":"70.38.107.241","dst_ip":"85.111.52.57","src_port":3833,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":272,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":267,"flow_packet_id":1,"flow_src_last_pkt_time":1686205768491443,"flow_dst_last_pkt_time":1686205768491443,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686205768491443,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+3TBAADQRhVdGJmvxVW80OQ75AasAKnxLAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":272,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686205768491443,"flow_src_last_pkt_time":1686205768491443,"flow_dst_last_pkt_time":1686205768491443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686205768491443,"l3_proto":"ip4","src_ip":"70.38.107.241","dst_ip":"85.111.52.57","src_port":3833,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":273,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686205683745012,"flow_src_last_pkt_time":1686205683745012,"flow_dst_last_pkt_time":1686205683745012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686205768491443,"l3_proto":"ip4","src_ip":"56.174.92.201","dst_ip":"165.114.202.61","src_port":12782,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":273,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":273,"packets-processed":272,"total-skipped-flows":0,"total-l4-payload-len":14014,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":267,"total-detection-updates":0,"total-updates":46,"current-active-flows":2,"total-active-flows":267,"total-idle-flows":265,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1295,"global_ts_usec":1686206099528813} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":273,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":268,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206099528813,"flow_src_last_pkt_time":1686206099528813,"flow_dst_last_pkt_time":1686206099528813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206099528813,"l3_proto":"ip4","src_ip":"70.106.99.214","dst_ip":"74.111.203.55","src_port":10633,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":273,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":268,"flow_packet_id":1,"flow_src_last_pkt_time":1686206099528813,"flow_dst_last_pkt_time":1686206099528813,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686206099528813,"pkt":"ipffLU2SPJTVQTiBCABFAAA+0FpAADQRkh5GamPWSm\/LNymJAasAKmGsAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":273,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":268,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206099528813,"flow_src_last_pkt_time":1686206099528813,"flow_dst_last_pkt_time":1686206099528813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206099528813,"l3_proto":"ip4","src_ip":"70.106.99.214","dst_ip":"74.111.203.55","src_port":10633,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":274,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686205683745012,"flow_src_last_pkt_time":1686205683745012,"flow_dst_last_pkt_time":1686205683745012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206099528813,"l3_proto":"ip4","src_ip":"56.174.92.201","dst_ip":"165.114.202.61","src_port":12782,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":274,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686205768491443,"flow_src_last_pkt_time":1686205768491443,"flow_dst_last_pkt_time":1686205768491443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206099528813,"l3_proto":"ip4","src_ip":"70.38.107.241","dst_ip":"85.111.52.57","src_port":3833,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":274,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206507820187,"flow_src_last_pkt_time":1686206507820187,"flow_dst_last_pkt_time":1686206507820187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206507820187,"l3_proto":"ip4","src_ip":"246.237.99.253","dst_ip":"165.144.84.62","src_port":28232,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":274,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":269,"flow_packet_id":1,"flow_src_last_pkt_time":1686206507820187,"flow_dst_last_pkt_time":1686206507820187,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686206507820187,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+f0tAADQR4yz27WP9pZBUPm5IAasAKhzsAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":274,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206507820187,"flow_src_last_pkt_time":1686206507820187,"flow_dst_last_pkt_time":1686206507820187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206507820187,"l3_proto":"ip4","src_ip":"246.237.99.253","dst_ip":"165.144.84.62","src_port":28232,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":275,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":268,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206099528813,"flow_src_last_pkt_time":1686206099528813,"flow_dst_last_pkt_time":1686206099528813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206507820187,"l3_proto":"ip4","src_ip":"70.106.99.214","dst_ip":"74.111.203.55","src_port":10633,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":275,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":275,"packets-processed":274,"total-skipped-flows":0,"total-l4-payload-len":14082,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":269,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":269,"total-idle-flows":268,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1305,"global_ts_usec":1686206929031157} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":275,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206929031157,"flow_src_last_pkt_time":1686206929031157,"flow_dst_last_pkt_time":1686206929031157,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206929031157,"l3_proto":"ip4","src_ip":"200.29.108.217","dst_ip":"90.141.37.56","src_port":55185,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":275,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":270,"flow_packet_id":1,"flow_src_last_pkt_time":1686206929031157,"flow_dst_last_pkt_time":1686206929031157,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686206929031157,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+TBRAADQRFl3IHWzZWo0lONeRAasAKrObAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":275,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206929031157,"flow_src_last_pkt_time":1686206929031157,"flow_dst_last_pkt_time":1686206929031157,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206929031157,"l3_proto":"ip4","src_ip":"200.29.108.217","dst_ip":"90.141.37.56","src_port":55185,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":276,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206507820187,"flow_src_last_pkt_time":1686206507820187,"flow_dst_last_pkt_time":1686206507820187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206929031157,"l3_proto":"ip4","src_ip":"246.237.99.253","dst_ip":"165.144.84.62","src_port":28232,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":276,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":276,"packets-processed":275,"total-skipped-flows":0,"total-l4-payload-len":14116,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":270,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":270,"total-idle-flows":269,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1310,"global_ts_usec":1686207705291823} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":276,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686207705291823,"flow_src_last_pkt_time":1686207705291823,"flow_dst_last_pkt_time":1686207705291823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686207705291823,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"85.111.52.57","src_port":48238,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":276,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":271,"flow_packet_id":1,"flow_src_last_pkt_time":1686207705291823,"flow_dst_last_pkt_time":1686207705291823,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686207705291823,"pkt":"moT+\/Ph8PJTVQTiBCABFAABSu9QAAG0RWMhDnxCWVW80ObxuAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":276,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686207705291823,"flow_src_last_pkt_time":1686207705291823,"flow_dst_last_pkt_time":1686207705291823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686207705291823,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"85.111.52.57","src_port":48238,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":277,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206929031157,"flow_src_last_pkt_time":1686206929031157,"flow_dst_last_pkt_time":1686206929031157,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686207705291823,"l3_proto":"ip4","src_ip":"200.29.108.217","dst_ip":"90.141.37.56","src_port":55185,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":277,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":277,"packets-processed":276,"total-skipped-flows":0,"total-l4-payload-len":14170,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":271,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":271,"total-idle-flows":270,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1315,"global_ts_usec":1686209332165512} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":277,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":272,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686209332165512,"flow_src_last_pkt_time":1686209332165512,"flow_dst_last_pkt_time":1686209332165512,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686209332165512,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":24038,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":277,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":272,"flow_packet_id":1,"flow_src_last_pkt_time":1686209332165512,"flow_dst_last_pkt_time":1686209332165512,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686209332165512,"pkt":"AAwp30Y4PJTVQTiBCABFCABLNKwAACIRlfkjAGRzpZBUPl3mAasAN8PZAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":277,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":272,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686209332165512,"flow_src_last_pkt_time":1686209332165512,"flow_dst_last_pkt_time":1686209332165512,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686209332165512,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":24038,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":278,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686207705291823,"flow_src_last_pkt_time":1686207705291823,"flow_dst_last_pkt_time":1686207705291823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686209332165512,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"85.111.52.57","src_port":48238,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":278,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":278,"packets-processed":277,"total-skipped-flows":0,"total-l4-payload-len":14217,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":272,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":272,"total-idle-flows":271,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1320,"global_ts_usec":1686218743990736} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":278,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686218743990736,"flow_src_last_pkt_time":1686218743990736,"flow_dst_last_pkt_time":1686218743990736,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686218743990736,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"165.114.202.61","src_port":29445,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":278,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":273,"flow_packet_id":1,"flow_src_last_pkt_time":1686218743990736,"flow_dst_last_pkt_time":1686218743990736,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686218743990736,"pkt":"AAwp30Y4PJTVQTiBCABFCABLunsAACIRECpb\/2t0pXLKPXMFAasAN666AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":278,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686218743990736,"flow_src_last_pkt_time":1686218743990736,"flow_dst_last_pkt_time":1686218743990736,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686218743990736,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"165.114.202.61","src_port":29445,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":279,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":272,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686209332165512,"flow_src_last_pkt_time":1686209332165512,"flow_dst_last_pkt_time":1686209332165512,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686218743990736,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":24038,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":279,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686218930278883,"flow_src_last_pkt_time":1686218930278883,"flow_dst_last_pkt_time":1686218930278883,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686218930278883,"l3_proto":"ip4","src_ip":"98.137.3.114","dst_ip":"165.114.202.61","src_port":5334,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":279,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":274,"flow_packet_id":1,"flow_src_last_pkt_time":1686218930278883,"flow_dst_last_pkt_time":1686218930278883,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686218930278883,"pkt":"AAwp30Y4PJTVQTiBCABFAABLV70AACcRe1hiiQNypXLKPRTWAasANxpSAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":279,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686218930278883,"flow_src_last_pkt_time":1686218930278883,"flow_dst_last_pkt_time":1686218930278883,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686218930278883,"l3_proto":"ip4","src_ip":"98.137.3.114","dst_ip":"165.114.202.61","src_port":5334,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":280,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686218743990736,"flow_src_last_pkt_time":1686218743990736,"flow_dst_last_pkt_time":1686218743990736,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686218930278883,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"165.114.202.61","src_port":29445,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":280,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":280,"packets-processed":279,"total-skipped-flows":0,"total-l4-payload-len":14311,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":274,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":274,"total-idle-flows":273,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1329,"global_ts_usec":1686227357942748} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":280,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":275,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686227357942748,"flow_src_last_pkt_time":1686227357942748,"flow_dst_last_pkt_time":1686227357942748,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686227357942748,"l3_proto":"ip4","src_ip":"224.127.98.214","dst_ip":"90.147.171.51","src_port":19171,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":280,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":275,"flow_packet_id":1,"flow_src_last_pkt_time":1686227357942748,"flow_dst_last_pkt_time":1686227357942748,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686227357942748,"pkt":"AAwp30Y4PJTVQTiBCABFCABLNlUAACQRjhzgf2LWWpOrM0rjAasAN9KoAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":280,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":275,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686227357942748,"flow_src_last_pkt_time":1686227357942748,"flow_dst_last_pkt_time":1686227357942748,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686227357942748,"l3_proto":"ip4","src_ip":"224.127.98.214","dst_ip":"90.147.171.51","src_port":19171,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":281,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686218930278883,"flow_src_last_pkt_time":1686218930278883,"flow_dst_last_pkt_time":1686218930278883,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686227357942748,"l3_proto":"ip4","src_ip":"98.137.3.114","dst_ip":"165.114.202.61","src_port":5334,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":281,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":281,"packets-processed":280,"total-skipped-flows":0,"total-l4-payload-len":14358,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":275,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":275,"total-idle-flows":274,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1334,"global_ts_usec":1686234455283740} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":281,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686234455283740,"flow_src_last_pkt_time":1686234455283740,"flow_dst_last_pkt_time":1686234455283740,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686234455283740,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"90.145.180.58","src_port":37363,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":281,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":276,"flow_packet_id":1,"flow_src_last_pkt_time":1686234455283740,"flow_dst_last_pkt_time":1686234455283740,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686234455283740,"pkt":"bs1PogZtPJTVQTiBCABFAABLt7IAACcRG3GdePx7WpG0OpHzAasAN51CAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":281,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686234455283740,"flow_src_last_pkt_time":1686234455283740,"flow_dst_last_pkt_time":1686234455283740,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686234455283740,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"90.145.180.58","src_port":37363,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":282,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":275,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686227357942748,"flow_src_last_pkt_time":1686227357942748,"flow_dst_last_pkt_time":1686227357942748,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686234455283740,"l3_proto":"ip4","src_ip":"224.127.98.214","dst_ip":"90.147.171.51","src_port":19171,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":282,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":282,"packets-processed":281,"total-skipped-flows":0,"total-l4-payload-len":14405,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":276,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":276,"total-idle-flows":275,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1339,"global_ts_usec":1686236482989100} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":282,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686236482989100,"flow_src_last_pkt_time":1686236482989100,"flow_dst_last_pkt_time":1686236482989100,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686236482989100,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.145.180.58","src_port":37519,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":282,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":277,"flow_packet_id":1,"flow_src_last_pkt_time":1686236482989100,"flow_dst_last_pkt_time":1686236482989100,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686236482989100,"pkt":"bs1PogZtPJTVQTiBCABFAAB+1DEAAPMRCY72S2hzWpG0OpKPAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":282,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686236482989100,"flow_src_last_pkt_time":1686236482989100,"flow_dst_last_pkt_time":1686236482989100,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686236482989100,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.145.180.58","src_port":37519,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":283,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686234455283740,"flow_src_last_pkt_time":1686234455283740,"flow_dst_last_pkt_time":1686234455283740,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686236482989100,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"90.145.180.58","src_port":37363,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":283,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":283,"packets-processed":282,"total-skipped-flows":0,"total-l4-payload-len":14503,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":277,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":277,"total-idle-flows":276,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1344,"global_ts_usec":1686238266508865} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":283,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":278,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686238266508865,"flow_src_last_pkt_time":1686238266508865,"flow_dst_last_pkt_time":1686238266508865,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686238266508865,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"74.111.203.55","src_port":47606,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":283,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":278,"flow_packet_id":1,"flow_src_last_pkt_time":1686238266508865,"flow_dst_last_pkt_time":1686238266508865,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686238266508865,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAPMRpSrsm2CTSm\/LN7n2AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":283,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":278,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686238266508865,"flow_src_last_pkt_time":1686238266508865,"flow_dst_last_pkt_time":1686238266508865,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686238266508865,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"74.111.203.55","src_port":47606,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":284,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686236482989100,"flow_src_last_pkt_time":1686236482989100,"flow_dst_last_pkt_time":1686236482989100,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686238266508865,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.145.180.58","src_port":37519,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":284,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":284,"packets-processed":283,"total-skipped-flows":0,"total-l4-payload-len":14601,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":278,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":278,"total-idle-flows":277,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1349,"global_ts_usec":1686241261208452} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":284,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":279,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686241261208452,"flow_src_last_pkt_time":1686241261208452,"flow_dst_last_pkt_time":1686241261208452,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686241261208452,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"90.111.212.50","src_port":32910,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":284,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":279,"flow_packet_id":1,"flow_src_last_pkt_time":1686241261208452,"flow_dst_last_pkt_time":1686241261208452,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686241261208452,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAOsRrCQtY5KSWm\/UMoCOAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":284,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":279,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686241261208452,"flow_src_last_pkt_time":1686241261208452,"flow_dst_last_pkt_time":1686241261208452,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686241261208452,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"90.111.212.50","src_port":32910,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":278,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686238266508865,"flow_src_last_pkt_time":1686238266508865,"flow_dst_last_pkt_time":1686238266508865,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686241261208452,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"74.111.203.55","src_port":47606,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":285,"packets-processed":284,"total-skipped-flows":0,"total-l4-payload-len":14699,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":279,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":279,"total-idle-flows":278,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1354,"global_ts_usec":1686241917944669} +00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686241917944669,"flow_src_last_pkt_time":1686241917944669,"flow_dst_last_pkt_time":1686241917944669,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686241917944669,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"186.112.202.53","src_port":52790,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":280,"flow_packet_id":1,"flow_src_last_pkt_time":1686241917944669,"flow_dst_last_pkt_time":1686241917944669,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686241917944669,"pkt":"xmjqc4OdPJTVQTiBCABFAAB+1DEAAPMRCZLItJByunDKNc42AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686241917944669,"flow_src_last_pkt_time":1686241917944669,"flow_dst_last_pkt_time":1686241917944669,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686241917944669,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"186.112.202.53","src_port":52790,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":286,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":279,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686241261208452,"flow_src_last_pkt_time":1686241261208452,"flow_dst_last_pkt_time":1686241261208452,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686241917944669,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"90.111.212.50","src_port":32910,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":286,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686242007697569,"flow_src_last_pkt_time":1686242007697569,"flow_dst_last_pkt_time":1686242007697569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686242007697569,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"69.109.187.54","src_port":36409,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":286,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":281,"flow_packet_id":1,"flow_src_last_pkt_time":1686242007697569,"flow_dst_last_pkt_time":1686242007697569,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686242007697569,"pkt":"bpHurUgdPJTVQTiBCABFCAB+1DEAAOsREg2GtJCVRW27No45AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":286,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686242007697569,"flow_src_last_pkt_time":1686242007697569,"flow_dst_last_pkt_time":1686242007697569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686242007697569,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"69.109.187.54","src_port":36409,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01115{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":287,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686241917944669,"flow_src_last_pkt_time":1686241917944669,"flow_dst_last_pkt_time":1686241917944669,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686242007697569,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"186.112.202.53","src_port":52790,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":287,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686242407915366,"flow_src_last_pkt_time":1686242407915366,"flow_dst_last_pkt_time":1686242407915366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686242407915366,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.114.202.61","src_port":60621,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":287,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":282,"flow_packet_id":1,"flow_src_last_pkt_time":1686242407915366,"flow_dst_last_pkt_time":1686242407915366,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686242407915366,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAOsREf22tHiLpXLKPezNAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":287,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686242407915366,"flow_src_last_pkt_time":1686242407915366,"flow_dst_last_pkt_time":1686242407915366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686242407915366,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.114.202.61","src_port":60621,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686242007697569,"flow_src_last_pkt_time":1686242007697569,"flow_dst_last_pkt_time":1686242007697569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686242407915366,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"69.109.187.54","src_port":36409,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686241917944669,"flow_src_last_pkt_time":1686241917944669,"flow_dst_last_pkt_time":1686241917944669,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686242407915366,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"186.112.202.53","src_port":52790,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":288,"packets-processed":287,"total-skipped-flows":0,"total-l4-payload-len":14993,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":282,"total-detection-updates":0,"total-updates":47,"current-active-flows":1,"total-active-flows":282,"total-idle-flows":281,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1368,"global_ts_usec":1686243579374691} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686243579374691,"flow_src_last_pkt_time":1686243579374691,"flow_dst_last_pkt_time":1686243579374691,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686243579374691,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"165.144.84.62","src_port":60327,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":283,"flow_packet_id":1,"flow_src_last_pkt_time":1686243579374691,"flow_dst_last_pkt_time":1686243579374691,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686243579374691,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAOsRrBotY5KSpZBUPuunAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686243579374691,"flow_src_last_pkt_time":1686243579374691,"flow_dst_last_pkt_time":1686243579374691,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686243579374691,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"165.144.84.62","src_port":60327,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":289,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686242407915366,"flow_src_last_pkt_time":1686242407915366,"flow_dst_last_pkt_time":1686242407915366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686243579374691,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.114.202.61","src_port":60621,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":289,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686244097863995,"flow_src_last_pkt_time":1686244097863995,"flow_dst_last_pkt_time":1686244097863995,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686244097863995,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.141.37.56","src_port":56239,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":289,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":284,"flow_packet_id":1,"flow_src_last_pkt_time":1686244097863995,"flow_dst_last_pkt_time":1686244097863995,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686244097863995,"pkt":"3jHC4dyOPJTVQTiBCABFAAB+1DEAAPMRCZDItJByWo0lONuvAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":289,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686244097863995,"flow_src_last_pkt_time":1686244097863995,"flow_dst_last_pkt_time":1686244097863995,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686244097863995,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.141.37.56","src_port":56239,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":290,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686243579374691,"flow_src_last_pkt_time":1686243579374691,"flow_dst_last_pkt_time":1686243579374691,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686244097863995,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"165.144.84.62","src_port":60327,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":290,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":290,"packets-processed":289,"total-skipped-flows":0,"total-l4-payload-len":15189,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":284,"total-detection-updates":0,"total-updates":47,"current-active-flows":1,"total-active-flows":284,"total-idle-flows":283,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1377,"global_ts_usec":1686244966838652} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":290,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686244966838652,"flow_src_last_pkt_time":1686244966838652,"flow_dst_last_pkt_time":1686244966838652,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686244966838652,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"85.111.52.57","src_port":41408,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":290,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":285,"flow_packet_id":1,"flow_src_last_pkt_time":1686244966838652,"flow_dst_last_pkt_time":1686244966838652,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686244966838652,"pkt":"moT+\/Ph8PJTVQTiBCABFAAB+1DEAAPMRpSXsm2CTVW80OaHAAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":290,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686244966838652,"flow_src_last_pkt_time":1686244966838652,"flow_dst_last_pkt_time":1686244966838652,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686244966838652,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"85.111.52.57","src_port":41408,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":291,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686244097863995,"flow_src_last_pkt_time":1686244097863995,"flow_dst_last_pkt_time":1686244097863995,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686244966838652,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.141.37.56","src_port":56239,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":291,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":291,"packets-processed":290,"total-skipped-flows":0,"total-l4-payload-len":15287,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":285,"total-detection-updates":0,"total-updates":47,"current-active-flows":1,"total-active-flows":285,"total-idle-flows":284,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1382,"global_ts_usec":1686256443473506} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":291,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686256443473506,"flow_src_last_pkt_time":1686256443473506,"flow_dst_last_pkt_time":1686256443473506,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686256443473506,"l3_proto":"ip4","src_ip":"162.219.248.180","dst_ip":"90.147.171.51","src_port":51156,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":291,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":286,"flow_packet_id":1,"flow_src_last_pkt_time":1686256443473506,"flow_dst_last_pkt_time":1686256443473506,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686256443473506,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbP6i2\/i0WpOrM8fUAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":291,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686256443473506,"flow_src_last_pkt_time":1686256443473506,"flow_dst_last_pkt_time":1686256443473506,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686256443473506,"l3_proto":"ip4","src_ip":"162.219.248.180","dst_ip":"90.147.171.51","src_port":51156,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":292,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686244966838652,"flow_src_last_pkt_time":1686244966838652,"flow_dst_last_pkt_time":1686244966838652,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686256443473506,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"85.111.52.57","src_port":41408,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":292,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":292,"packets-processed":291,"total-skipped-flows":0,"total-l4-payload-len":15316,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":286,"total-detection-updates":0,"total-updates":47,"current-active-flows":1,"total-active-flows":286,"total-idle-flows":285,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1387,"global_ts_usec":1686257607667798} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":292,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686257607667798,"flow_src_last_pkt_time":1686257607667798,"flow_dst_last_pkt_time":1686257607667798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686257607667798,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":55455,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":292,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":287,"flow_packet_id":1,"flow_src_last_pkt_time":1686257607667798,"flow_dst_last_pkt_time":1686257607667798,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686257607667798,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPURKLbIH5CeVW80OdifAasAJRHVAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":292,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686257607667798,"flow_src_last_pkt_time":1686257607667798,"flow_dst_last_pkt_time":1686257607667798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686257607667798,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":55455,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":293,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686256443473506,"flow_src_last_pkt_time":1686256443473506,"flow_dst_last_pkt_time":1686256443473506,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686257607667798,"l3_proto":"ip4","src_ip":"162.219.248.180","dst_ip":"90.147.171.51","src_port":51156,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":293,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686257765544403,"flow_src_last_pkt_time":1686257765544403,"flow_dst_last_pkt_time":1686257765544403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686257765544403,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":50780,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":293,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":288,"flow_packet_id":1,"flow_src_last_pkt_time":1686257765544403,"flow_dst_last_pkt_time":1686257765544403,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686257765544403,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLHIH5CepXLKPcZcAasAJSQTAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":293,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686257765544403,"flow_src_last_pkt_time":1686257765544403,"flow_dst_last_pkt_time":1686257765544403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686257765544403,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":50780,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":294,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686257607667798,"flow_src_last_pkt_time":1686257607667798,"flow_dst_last_pkt_time":1686257607667798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686257765544403,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":55455,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":294,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":294,"packets-processed":293,"total-skipped-flows":0,"total-l4-payload-len":15374,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":288,"total-detection-updates":0,"total-updates":48,"current-active-flows":2,"total-active-flows":288,"total-idle-flows":286,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1396,"global_ts_usec":1686258512561586} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":294,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686258512561586,"flow_src_last_pkt_time":1686258512561586,"flow_dst_last_pkt_time":1686258512561586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686258512561586,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":56478,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":294,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":289,"flow_packet_id":1,"flow_src_last_pkt_time":1686258512561586,"flow_dst_last_pkt_time":1686258512561586,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686258512561586,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPURKLnIH5CeunDKNdyeAasAJQ3ZAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":294,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686258512561586,"flow_src_last_pkt_time":1686258512561586,"flow_dst_last_pkt_time":1686258512561586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686258512561586,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":56478,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":295,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686257607667798,"flow_src_last_pkt_time":1686257607667798,"flow_dst_last_pkt_time":1686257607667798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686258512561586,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":55455,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":295,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686257765544403,"flow_src_last_pkt_time":1686257765544403,"flow_dst_last_pkt_time":1686257765544403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686258512561586,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":50780,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":295,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":295,"packets-processed":294,"total-skipped-flows":0,"total-l4-payload-len":15403,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":289,"total-detection-updates":0,"total-updates":48,"current-active-flows":1,"total-active-flows":289,"total-idle-flows":288,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1402,"global_ts_usec":1686261546684605} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":295,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686261546684605,"flow_src_last_pkt_time":1686261546684605,"flow_dst_last_pkt_time":1686261546684605,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686261546684605,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":48895,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":295,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":290,"flow_packet_id":1,"flow_src_last_pkt_time":1686261546684605,"flow_dst_last_pkt_time":1686261546684605,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686261546684605,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLLIH5CepZBUPr7\/AasAJStxAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":295,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686261546684605,"flow_src_last_pkt_time":1686261546684605,"flow_dst_last_pkt_time":1686261546684605,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686261546684605,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":48895,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":296,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686258512561586,"flow_src_last_pkt_time":1686258512561586,"flow_dst_last_pkt_time":1686258512561586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686261546684605,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":56478,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":296,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":291,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686261656437832,"flow_src_last_pkt_time":1686261656437832,"flow_dst_last_pkt_time":1686261656437832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686261656437832,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":37856,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":296,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":291,"flow_packet_id":1,"flow_src_last_pkt_time":1686261656437832,"flow_dst_last_pkt_time":1686261656437832,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686261656437832,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPURKLrIH5CeRW27NpPgAasAJVaYAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":296,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":291,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686261656437832,"flow_src_last_pkt_time":1686261656437832,"flow_dst_last_pkt_time":1686261656437832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686261656437832,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":37856,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":297,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686261546684605,"flow_src_last_pkt_time":1686261546684605,"flow_dst_last_pkt_time":1686261546684605,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686261656437832,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":48895,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":297,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":292,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686261885374242,"flow_src_last_pkt_time":1686261885374242,"flow_dst_last_pkt_time":1686261885374242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686261885374242,"l3_proto":"ip4","src_ip":"212.154.223.103","dst_ip":"90.141.37.56","src_port":55839,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":297,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":1,"flow_src_last_pkt_time":1686261885374242,"flow_dst_last_pkt_time":1686261885374242,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686261885374242,"pkt":"3jHC4dyOPJTVQTiBCABFBABS1h8AADQRotfUmt9nWo0lONofAasAPpnuAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":297,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":292,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686261885374242,"flow_src_last_pkt_time":1686261885374242,"flow_dst_last_pkt_time":1686261885374242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686261885374242,"l3_proto":"ip4","src_ip":"212.154.223.103","dst_ip":"90.141.37.56","src_port":55839,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":298,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":2,"flow_src_last_pkt_time":1686261885374256,"flow_dst_last_pkt_time":1686261885374242,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686261885374256,"pkt":"3jHC4dyOPJTVQTiBCABFBABS1h8AADQRotfUmt9nWo0lONofAasAPpnuAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":299,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686261546684605,"flow_src_last_pkt_time":1686261546684605,"flow_dst_last_pkt_time":1686261546684605,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686261885374256,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":48895,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":299,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":291,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686261656437832,"flow_src_last_pkt_time":1686261656437832,"flow_dst_last_pkt_time":1686261656437832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686261885374256,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":37856,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":299,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":299,"packets-processed":298,"total-skipped-flows":0,"total-l4-payload-len":15569,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":292,"total-detection-updates":0,"total-updates":49,"current-active-flows":1,"total-active-flows":292,"total-idle-flows":291,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1417,"global_ts_usec":1686262180549880} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":299,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262180549880,"flow_src_last_pkt_time":1686262180549880,"flow_dst_last_pkt_time":1686262180549880,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686262180549880,"l3_proto":"ip4","src_ip":"75.137.134.242","dst_ip":"165.114.202.61","src_port":59307,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":299,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":1,"flow_src_last_pkt_time":1686262180549880,"flow_dst_last_pkt_time":1686262180549880,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":98,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":98,"pkt_l4_len":64,"thread_ts_usec":1686262180549880,"pkt":"AAwp30Y4PJTVQTiBCABFAABUwx1AADQRzjFLiYbypXLKPeerAasAQAAAAgEAADggAAAAAGqbAAJlbgAAABdzZXJ2aWNlOmRpcmVjdG9yeS1hZ2VudAAHZGVmYXVsdAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":299,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262180549880,"flow_src_last_pkt_time":1686262180549880,"flow_dst_last_pkt_time":1686262180549880,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686262180549880,"l3_proto":"ip4","src_ip":"75.137.134.242","dst_ip":"165.114.202.61","src_port":59307,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":300,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":292,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1686261885374242,"flow_src_last_pkt_time":1686261885374256,"flow_dst_last_pkt_time":1686261885374242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":108,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686262180549880,"l3_proto":"ip4","src_ip":"212.154.223.103","dst_ip":"90.141.37.56","src_port":55839,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":300,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":294,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262531882256,"flow_src_last_pkt_time":1686262531882256,"flow_dst_last_pkt_time":1686262531882256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686262531882256,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":53742,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":300,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":294,"flow_packet_id":1,"flow_src_last_pkt_time":1686262531882256,"flow_dst_last_pkt_time":1686262531882256,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686262531882256,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPURKLfIH5CeWo0lONHuAasAJRiHAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":300,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":294,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262531882256,"flow_src_last_pkt_time":1686262531882256,"flow_dst_last_pkt_time":1686262531882256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686262531882256,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":53742,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":301,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262180549880,"flow_src_last_pkt_time":1686262180549880,"flow_dst_last_pkt_time":1686262180549880,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686262531882256,"l3_proto":"ip4","src_ip":"75.137.134.242","dst_ip":"165.114.202.61","src_port":59307,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":301,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":301,"packets-processed":300,"total-skipped-flows":0,"total-l4-payload-len":15654,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":294,"total-detection-updates":0,"total-updates":49,"current-active-flows":1,"total-active-flows":294,"total-idle-flows":293,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1426,"global_ts_usec":1686262998390221} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":301,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262998390221,"flow_src_last_pkt_time":1686262998390221,"flow_dst_last_pkt_time":1686262998390221,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686262998390221,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":33892,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":301,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":295,"flow_packet_id":1,"flow_src_last_pkt_time":1686262998390221,"flow_dst_last_pkt_time":1686262998390221,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686262998390221,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKL3IH5CeWpOrM4RkAasAJWYXAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":301,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262998390221,"flow_src_last_pkt_time":1686262998390221,"flow_dst_last_pkt_time":1686262998390221,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686262998390221,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":33892,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":302,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":294,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262531882256,"flow_src_last_pkt_time":1686262531882256,"flow_dst_last_pkt_time":1686262531882256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686262998390221,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":53742,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":302,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":296,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263094542703,"flow_src_last_pkt_time":1686263094542703,"flow_dst_last_pkt_time":1686263094542703,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263094542703,"l3_proto":"ip4","src_ip":"197.23.155.213","dst_ip":"90.145.180.58","src_port":51534,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":302,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":296,"flow_packet_id":1,"flow_src_last_pkt_time":1686263094542703,"flow_dst_last_pkt_time":1686263094542703,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686263094542703,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPkRbcLFF5vVWpG0OslOAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":302,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":296,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263094542703,"flow_src_last_pkt_time":1686263094542703,"flow_dst_last_pkt_time":1686263094542703,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263094542703,"l3_proto":"ip4","src_ip":"197.23.155.213","dst_ip":"90.145.180.58","src_port":51534,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":303,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262998390221,"flow_src_last_pkt_time":1686262998390221,"flow_dst_last_pkt_time":1686262998390221,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263094542703,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":33892,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":303,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":297,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263142896966,"flow_src_last_pkt_time":1686263142896966,"flow_dst_last_pkt_time":1686263142896966,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263142896966,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":50776,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":303,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":297,"flow_packet_id":1,"flow_src_last_pkt_time":1686263142896966,"flow_dst_last_pkt_time":1686263142896966,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686263142896966,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLzIH5CeWm\/UMsZYAasAJSQiAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":303,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":297,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263142896966,"flow_src_last_pkt_time":1686263142896966,"flow_dst_last_pkt_time":1686263142896966,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263142896966,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":50776,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":304,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262998390221,"flow_src_last_pkt_time":1686262998390221,"flow_dst_last_pkt_time":1686262998390221,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263142896966,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":33892,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":304,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":296,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263094542703,"flow_src_last_pkt_time":1686263094542703,"flow_dst_last_pkt_time":1686263094542703,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263142896966,"l3_proto":"ip4","src_ip":"197.23.155.213","dst_ip":"90.145.180.58","src_port":51534,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":304,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":298,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263272401090,"flow_src_last_pkt_time":1686263272401090,"flow_dst_last_pkt_time":1686263272401090,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263272401090,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":49681,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":304,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":298,"flow_packet_id":1,"flow_src_last_pkt_time":1686263272401090,"flow_dst_last_pkt_time":1686263272401090,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686263272401090,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPURKLTIH5CeWpG0OsIRAasAJShhAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":304,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":298,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263272401090,"flow_src_last_pkt_time":1686263272401090,"flow_dst_last_pkt_time":1686263272401090,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263272401090,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":49681,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":305,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262998390221,"flow_src_last_pkt_time":1686262998390221,"flow_dst_last_pkt_time":1686262998390221,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263272401090,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":33892,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":305,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":296,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263094542703,"flow_src_last_pkt_time":1686263094542703,"flow_dst_last_pkt_time":1686263094542703,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263272401090,"l3_proto":"ip4","src_ip":"197.23.155.213","dst_ip":"90.145.180.58","src_port":51534,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":305,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":297,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263142896966,"flow_src_last_pkt_time":1686263142896966,"flow_dst_last_pkt_time":1686263142896966,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263272401090,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":50776,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":305,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":299,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263490143641,"flow_src_last_pkt_time":1686263490143641,"flow_dst_last_pkt_time":1686263490143641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263490143641,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":36077,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":305,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":299,"flow_packet_id":1,"flow_src_last_pkt_time":1686263490143641,"flow_dst_last_pkt_time":1686263490143641,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686263490143641,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPURKLvIH5CeSm\/LN4ztAasAJV2MAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":305,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":299,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263490143641,"flow_src_last_pkt_time":1686263490143641,"flow_dst_last_pkt_time":1686263490143641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263490143641,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":36077,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":296,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263094542703,"flow_src_last_pkt_time":1686263094542703,"flow_dst_last_pkt_time":1686263094542703,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263490143641,"l3_proto":"ip4","src_ip":"197.23.155.213","dst_ip":"90.145.180.58","src_port":51534,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":298,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263272401090,"flow_src_last_pkt_time":1686263272401090,"flow_dst_last_pkt_time":1686263272401090,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263490143641,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":49681,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":297,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263142896966,"flow_src_last_pkt_time":1686263142896966,"flow_dst_last_pkt_time":1686263142896966,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263490143641,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":50776,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":306,"packets-processed":305,"total-skipped-flows":0,"total-l4-payload-len":15799,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":299,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":299,"total-idle-flows":298,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1452,"global_ts_usec":1686264627972582} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":300,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686264627972582,"flow_src_last_pkt_time":1686264627972582,"flow_dst_last_pkt_time":1686264627972582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686264627972582,"l3_proto":"ip4","src_ip":"66.224.226.183","dst_ip":"165.144.84.62","src_port":52476,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":300,"flow_packet_id":1,"flow_src_last_pkt_time":1686264627972582,"flow_dst_last_pkt_time":1686264627972582,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686264627972582,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbfZC4OK3pZBUPsz8AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":300,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686264627972582,"flow_src_last_pkt_time":1686264627972582,"flow_dst_last_pkt_time":1686264627972582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686264627972582,"l3_proto":"ip4","src_ip":"66.224.226.183","dst_ip":"165.144.84.62","src_port":52476,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":299,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263490143641,"flow_src_last_pkt_time":1686263490143641,"flow_dst_last_pkt_time":1686263490143641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686264627972582,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":36077,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":307,"packets-processed":306,"total-skipped-flows":0,"total-l4-payload-len":15828,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":300,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":300,"total-idle-flows":299,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1457,"global_ts_usec":1686265884829767} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":301,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686265884829767,"flow_src_last_pkt_time":1686265884829767,"flow_dst_last_pkt_time":1686265884829767,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686265884829767,"l3_proto":"ip4","src_ip":"91.33.106.218","dst_ip":"69.109.187.54","src_port":59902,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":301,"flow_packet_id":1,"flow_src_last_pkt_time":1686265884829767,"flow_dst_last_pkt_time":1686265884829767,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686265884829767,"pkt":"bpHurUgdPJTVQTiBCABFCABLZJsAACQRX81bIWraRW27Nun+AasANzOEAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":301,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686265884829767,"flow_src_last_pkt_time":1686265884829767,"flow_dst_last_pkt_time":1686265884829767,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686265884829767,"l3_proto":"ip4","src_ip":"91.33.106.218","dst_ip":"69.109.187.54","src_port":59902,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":308,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":300,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686264627972582,"flow_src_last_pkt_time":1686264627972582,"flow_dst_last_pkt_time":1686264627972582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686265884829767,"l3_proto":"ip4","src_ip":"66.224.226.183","dst_ip":"165.144.84.62","src_port":52476,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":308,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":308,"packets-processed":307,"total-skipped-flows":0,"total-l4-payload-len":15875,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":301,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":301,"total-idle-flows":300,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1462,"global_ts_usec":1686266868932026} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":308,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686266868932026,"flow_src_last_pkt_time":1686266868932026,"flow_dst_last_pkt_time":1686266868932026,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686266868932026,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"85.111.52.57","src_port":50356,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":308,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":302,"flow_packet_id":1,"flow_src_last_pkt_time":1686266868932026,"flow_dst_last_pkt_time":1686266868932026,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686266868932026,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRX53OzBhaVW80OcS0AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":308,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686266868932026,"flow_src_last_pkt_time":1686266868932026,"flow_dst_last_pkt_time":1686266868932026,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686266868932026,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"85.111.52.57","src_port":50356,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":309,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":301,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686265884829767,"flow_src_last_pkt_time":1686265884829767,"flow_dst_last_pkt_time":1686265884829767,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686266868932026,"l3_proto":"ip4","src_ip":"91.33.106.218","dst_ip":"69.109.187.54","src_port":59902,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":309,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":309,"packets-processed":308,"total-skipped-flows":0,"total-l4-payload-len":15904,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":302,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":302,"total-idle-flows":301,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1467,"global_ts_usec":1686268741318193} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":309,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":303,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686268741318193,"flow_src_last_pkt_time":1686268741318193,"flow_dst_last_pkt_time":1686268741318193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686268741318193,"l3_proto":"ip4","src_ip":"76.45.103.228","dst_ip":"90.111.212.50","src_port":55007,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":309,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":303,"flow_packet_id":1,"flow_src_last_pkt_time":1686268741318193,"flow_dst_last_pkt_time":1686268741318193,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686268741318193,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRX\/9MLWfkWm\/UMtbfAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":309,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":303,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686268741318193,"flow_src_last_pkt_time":1686268741318193,"flow_dst_last_pkt_time":1686268741318193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686268741318193,"l3_proto":"ip4","src_ip":"76.45.103.228","dst_ip":"90.111.212.50","src_port":55007,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":310,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686266868932026,"flow_src_last_pkt_time":1686266868932026,"flow_dst_last_pkt_time":1686266868932026,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686268741318193,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"85.111.52.57","src_port":50356,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":310,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":304,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686269328666858,"flow_src_last_pkt_time":1686269328666858,"flow_dst_last_pkt_time":1686269328666858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686269328666858,"l3_proto":"ip4","src_ip":"218.118.131.113","dst_ip":"186.112.202.53","src_port":8622,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":310,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":304,"flow_packet_id":1,"flow_src_last_pkt_time":1686269328666858,"flow_dst_last_pkt_time":1686269328666858,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686269328666858,"pkt":"xmjqc4OdPJTVQTiBCABFAABLWZ4AACcReX7adoNxunDKNSGuAasANw2BAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":310,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":304,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686269328666858,"flow_src_last_pkt_time":1686269328666858,"flow_dst_last_pkt_time":1686269328666858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686269328666858,"l3_proto":"ip4","src_ip":"218.118.131.113","dst_ip":"186.112.202.53","src_port":8622,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":311,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":303,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686268741318193,"flow_src_last_pkt_time":1686268741318193,"flow_dst_last_pkt_time":1686268741318193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686269328666858,"l3_proto":"ip4","src_ip":"76.45.103.228","dst_ip":"90.111.212.50","src_port":55007,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":311,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":311,"packets-processed":310,"total-skipped-flows":0,"total-l4-payload-len":15980,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":304,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":304,"total-idle-flows":303,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1476,"global_ts_usec":1686271029434310} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":311,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686271029434310,"flow_src_last_pkt_time":1686271029434310,"flow_dst_last_pkt_time":1686271029434310,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686271029434310,"l3_proto":"ip4","src_ip":"189.229.250.75","dst_ip":"165.114.202.61","src_port":50111,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":311,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":305,"flow_packet_id":1,"flow_src_last_pkt_time":1686271029434310,"flow_dst_last_pkt_time":1686271029434310,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686271029434310,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbHG95fpLpXLKPcO\/AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":311,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686271029434310,"flow_src_last_pkt_time":1686271029434310,"flow_dst_last_pkt_time":1686271029434310,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686271029434310,"l3_proto":"ip4","src_ip":"189.229.250.75","dst_ip":"165.114.202.61","src_port":50111,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":312,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":304,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686269328666858,"flow_src_last_pkt_time":1686269328666858,"flow_dst_last_pkt_time":1686269328666858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686271029434310,"l3_proto":"ip4","src_ip":"218.118.131.113","dst_ip":"186.112.202.53","src_port":8622,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":312,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":312,"packets-processed":311,"total-skipped-flows":0,"total-l4-payload-len":16009,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":305,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":305,"total-idle-flows":304,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1481,"global_ts_usec":1686272210557633} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":312,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686272210557633,"flow_src_last_pkt_time":1686272210557633,"flow_dst_last_pkt_time":1686272210557633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686272210557633,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"69.109.187.54","src_port":21256,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":312,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":306,"flow_packet_id":1,"flow_src_last_pkt_time":1686272210557633,"flow_dst_last_pkt_time":1686272210557633,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686272210557633,"pkt":"bpHurUgdPJTVQTiBCABFAABLiBsAACcRSwWlgP10RW27NlMIAasAN9wqAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":312,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686272210557633,"flow_src_last_pkt_time":1686272210557633,"flow_dst_last_pkt_time":1686272210557633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686272210557633,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"69.109.187.54","src_port":21256,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":313,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686271029434310,"flow_src_last_pkt_time":1686271029434310,"flow_dst_last_pkt_time":1686271029434310,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686272210557633,"l3_proto":"ip4","src_ip":"189.229.250.75","dst_ip":"165.114.202.61","src_port":50111,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":313,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":313,"packets-processed":312,"total-skipped-flows":0,"total-l4-payload-len":16056,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":306,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":306,"total-idle-flows":305,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1486,"global_ts_usec":1686276490401508} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":313,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686276490401508,"flow_src_last_pkt_time":1686276490401508,"flow_dst_last_pkt_time":1686276490401508,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686276490401508,"l3_proto":"ip4","src_ip":"94.230.158.79","dst_ip":"74.111.203.55","src_port":55750,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":313,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":307,"flow_packet_id":1,"flow_src_last_pkt_time":1686276490401508,"flow_dst_last_pkt_time":1686276490401508,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686276490401508,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPoRbH9e5p5PSm\/LN9nGAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":313,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686276490401508,"flow_src_last_pkt_time":1686276490401508,"flow_dst_last_pkt_time":1686276490401508,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686276490401508,"l3_proto":"ip4","src_ip":"94.230.158.79","dst_ip":"74.111.203.55","src_port":55750,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":314,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686272210557633,"flow_src_last_pkt_time":1686272210557633,"flow_dst_last_pkt_time":1686272210557633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686276490401508,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"69.109.187.54","src_port":21256,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":314,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686277031596938,"flow_src_last_pkt_time":1686277031596938,"flow_dst_last_pkt_time":1686277031596938,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686277031596938,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.145.180.58","src_port":37602,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":314,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":308,"flow_packet_id":1,"flow_src_last_pkt_time":1686277031596938,"flow_dst_last_pkt_time":1686277031596938,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686277031596938,"pkt":"bs1PogZtPJTVQTiBCABFCABLQa4AACIRiPcj\/EVxWpG0OpLiAasAN47dAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":314,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686277031596938,"flow_src_last_pkt_time":1686277031596938,"flow_dst_last_pkt_time":1686277031596938,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686277031596938,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.145.180.58","src_port":37602,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686276490401508,"flow_src_last_pkt_time":1686276490401508,"flow_dst_last_pkt_time":1686276490401508,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686277031596938,"l3_proto":"ip4","src_ip":"94.230.158.79","dst_ip":"74.111.203.55","src_port":55750,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":315,"packets-processed":314,"total-skipped-flows":0,"total-l4-payload-len":16132,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":308,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":308,"total-idle-flows":307,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1495,"global_ts_usec":1686279640620137} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686279640620137,"flow_src_last_pkt_time":1686279640620137,"flow_dst_last_pkt_time":1686279640620137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686279640620137,"l3_proto":"ip4","src_ip":"152.255.170.124","dst_ip":"90.147.171.51","src_port":46606,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":309,"flow_packet_id":1,"flow_src_last_pkt_time":1686279640620137,"flow_dst_last_pkt_time":1686279640620137,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686279640620137,"pkt":"AAwp30Y4PJTVQTiBCABFCABL5wQAACIR47OY\/6p8WpOrM7YOAasAN2vEAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686279640620137,"flow_src_last_pkt_time":1686279640620137,"flow_dst_last_pkt_time":1686279640620137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686279640620137,"l3_proto":"ip4","src_ip":"152.255.170.124","dst_ip":"90.147.171.51","src_port":46606,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686277031596938,"flow_src_last_pkt_time":1686277031596938,"flow_dst_last_pkt_time":1686277031596938,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686279640620137,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.145.180.58","src_port":37602,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":316,"packets-processed":315,"total-skipped-flows":0,"total-l4-payload-len":16179,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":309,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":309,"total-idle-flows":308,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1500,"global_ts_usec":1686282116013463} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686282116013463,"flow_src_last_pkt_time":1686282116013463,"flow_dst_last_pkt_time":1686282116013463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686282116013463,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.114.202.61","src_port":54818,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":310,"flow_packet_id":1,"flow_src_last_pkt_time":1686282116013463,"flow_dst_last_pkt_time":1686282116013463,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686282116013463,"pkt":"AAwp30Y4PJTVQTiBCABFCABSCtkAAGsRC7dDnxCWpXLKPdYiAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686282116013463,"flow_src_last_pkt_time":1686282116013463,"flow_dst_last_pkt_time":1686282116013463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686282116013463,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.114.202.61","src_port":54818,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686279640620137,"flow_src_last_pkt_time":1686279640620137,"flow_dst_last_pkt_time":1686279640620137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686282116013463,"l3_proto":"ip4","src_ip":"152.255.170.124","dst_ip":"90.147.171.51","src_port":46606,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":317,"packets-processed":316,"total-skipped-flows":0,"total-l4-payload-len":16233,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":310,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":310,"total-idle-flows":309,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1505,"global_ts_usec":1686283230398748} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686283230398748,"flow_src_last_pkt_time":1686283230398748,"flow_dst_last_pkt_time":1686283230398748,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686283230398748,"l3_proto":"ip4","src_ip":"93.26.159.17","dst_ip":"186.112.202.53","src_port":57065,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":311,"flow_packet_id":1,"flow_src_last_pkt_time":1686283230398748,"flow_dst_last_pkt_time":1686283230398748,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686283230398748,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRbUxdGp8RunDKNd7pAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686283230398748,"flow_src_last_pkt_time":1686283230398748,"flow_dst_last_pkt_time":1686283230398748,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686283230398748,"l3_proto":"ip4","src_ip":"93.26.159.17","dst_ip":"186.112.202.53","src_port":57065,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686282116013463,"flow_src_last_pkt_time":1686282116013463,"flow_dst_last_pkt_time":1686282116013463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686283230398748,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.114.202.61","src_port":54818,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":318,"packets-processed":317,"total-skipped-flows":0,"total-l4-payload-len":16262,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":311,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":311,"total-idle-flows":310,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1510,"global_ts_usec":1686284127841221} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686284127841221,"flow_src_last_pkt_time":1686284127841221,"flow_dst_last_pkt_time":1686284127841221,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686284127841221,"l3_proto":"ip4","src_ip":"217.31.231.255","dst_ip":"90.141.37.56","src_port":49891,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":312,"flow_packet_id":1,"flow_src_last_pkt_time":1686284127841221,"flow_dst_last_pkt_time":1686284127841221,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686284127841221,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPoRbM3ZH+f\/Wo0lOMLjAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686284127841221,"flow_src_last_pkt_time":1686284127841221,"flow_dst_last_pkt_time":1686284127841221,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686284127841221,"l3_proto":"ip4","src_ip":"217.31.231.255","dst_ip":"90.141.37.56","src_port":49891,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":319,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686283230398748,"flow_src_last_pkt_time":1686283230398748,"flow_dst_last_pkt_time":1686283230398748,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686284127841221,"l3_proto":"ip4","src_ip":"93.26.159.17","dst_ip":"186.112.202.53","src_port":57065,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":319,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":319,"packets-processed":318,"total-skipped-flows":0,"total-l4-payload-len":16291,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":312,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":312,"total-idle-flows":311,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1515,"global_ts_usec":1686290568082392} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":319,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686290568082392,"flow_src_last_pkt_time":1686290568082392,"flow_dst_last_pkt_time":1686290568082392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686290568082392,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.144.84.62","src_port":12620,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":319,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":313,"flow_packet_id":1,"flow_src_last_pkt_time":1686290568082392,"flow_dst_last_pkt_time":1686290568082392,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686290568082392,"pkt":"AAwp30Y4PJTVQTiBCABFAABScHIAAG0RpCZDnxCWpZBUPjFMAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":319,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686290568082392,"flow_src_last_pkt_time":1686290568082392,"flow_dst_last_pkt_time":1686290568082392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686290568082392,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.144.84.62","src_port":12620,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":320,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686284127841221,"flow_src_last_pkt_time":1686284127841221,"flow_dst_last_pkt_time":1686284127841221,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686290568082392,"l3_proto":"ip4","src_ip":"217.31.231.255","dst_ip":"90.141.37.56","src_port":49891,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":320,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":320,"packets-processed":319,"total-skipped-flows":0,"total-l4-payload-len":16345,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":313,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":313,"total-idle-flows":312,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1520,"global_ts_usec":1686292143831347} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":320,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686292143831347,"flow_src_last_pkt_time":1686292143831347,"flow_dst_last_pkt_time":1686292143831347,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686292143831347,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"85.111.52.57","src_port":12480,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00577{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":320,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":314,"flow_packet_id":1,"flow_src_last_pkt_time":1686292143831347,"flow_dst_last_pkt_time":1686292143831347,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686292143831347,"pkt":"moT+\/Ph8PJTVQTiBCABFCABL62sAACIR3z5b\/2t0VW80OTDAAasAN\/EEAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":320,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686292143831347,"flow_src_last_pkt_time":1686292143831347,"flow_dst_last_pkt_time":1686292143831347,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686292143831347,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"85.111.52.57","src_port":12480,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":321,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686290568082392,"flow_src_last_pkt_time":1686290568082392,"flow_dst_last_pkt_time":1686290568082392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686292143831347,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.144.84.62","src_port":12620,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":321,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686292431165594,"flow_src_last_pkt_time":1686292431165594,"flow_dst_last_pkt_time":1686292431165594,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686292431165594,"l3_proto":"ip4","src_ip":"175.239.255.217","dst_ip":"69.109.187.54","src_port":53820,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":321,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":315,"flow_packet_id":1,"flow_src_last_pkt_time":1686292431165594,"flow_dst_last_pkt_time":1686292431165594,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686292431165594,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPoRXt6v7\/\/ZRW27NtI8AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":321,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686292431165594,"flow_src_last_pkt_time":1686292431165594,"flow_dst_last_pkt_time":1686292431165594,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686292431165594,"l3_proto":"ip4","src_ip":"175.239.255.217","dst_ip":"69.109.187.54","src_port":53820,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":322,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686292143831347,"flow_src_last_pkt_time":1686292143831347,"flow_dst_last_pkt_time":1686292143831347,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686292431165594,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"85.111.52.57","src_port":12480,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":322,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":322,"packets-processed":321,"total-skipped-flows":0,"total-l4-payload-len":16421,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":315,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":315,"total-idle-flows":314,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1529,"global_ts_usec":1686295204381615} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":322,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686295204381615,"flow_src_last_pkt_time":1686295204381615,"flow_dst_last_pkt_time":1686295204381615,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686295204381615,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"90.145.180.58","src_port":53644,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":322,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":316,"flow_packet_id":1,"flow_src_last_pkt_time":1686295204381615,"flow_dst_last_pkt_time":1686295204381615,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686295204381615,"pkt":"bs1PogZtPJTVQTiBCABFCABSvkIAAGsRWFBDnxCWWpG0OtGMAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":322,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686295204381615,"flow_src_last_pkt_time":1686295204381615,"flow_dst_last_pkt_time":1686295204381615,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686295204381615,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"90.145.180.58","src_port":53644,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":323,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686292431165594,"flow_src_last_pkt_time":1686292431165594,"flow_dst_last_pkt_time":1686292431165594,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686295204381615,"l3_proto":"ip4","src_ip":"175.239.255.217","dst_ip":"69.109.187.54","src_port":53820,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":323,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":323,"packets-processed":322,"total-skipped-flows":0,"total-l4-payload-len":16475,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":316,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":316,"total-idle-flows":315,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1534,"global_ts_usec":1686301765843785} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":323,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686301765843785,"flow_src_last_pkt_time":1686301765843785,"flow_dst_last_pkt_time":1686301765843785,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686301765843785,"l3_proto":"ip4","src_ip":"7.110.179.205","dst_ip":"165.144.84.62","src_port":58317,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":323,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":317,"flow_packet_id":1,"flow_src_last_pkt_time":1686301765843785,"flow_dst_last_pkt_time":1686301765843785,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686301765843785,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+ZMJAADQR\/Z8HbrPNpZBUPuPNAasAKqdQAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":323,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686301765843785,"flow_src_last_pkt_time":1686301765843785,"flow_dst_last_pkt_time":1686301765843785,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686301765843785,"l3_proto":"ip4","src_ip":"7.110.179.205","dst_ip":"165.144.84.62","src_port":58317,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":324,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686295204381615,"flow_src_last_pkt_time":1686295204381615,"flow_dst_last_pkt_time":1686295204381615,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686301765843785,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"90.145.180.58","src_port":53644,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":324,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":324,"packets-processed":323,"total-skipped-flows":0,"total-l4-payload-len":16509,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":317,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":317,"total-idle-flows":316,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1539,"global_ts_usec":1686303104961112} +00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":324,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303104961112,"flow_src_last_pkt_time":1686303104961112,"flow_dst_last_pkt_time":1686303104961112,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303104961112,"l3_proto":"ip4","src_ip":"201.237.135.210","dst_ip":"165.114.202.61","src_port":37975,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":324,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":318,"flow_packet_id":1,"flow_src_last_pkt_time":1686303104961112,"flow_dst_last_pkt_time":1686303104961112,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686303104961112,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+LXZAADQRNPvJ7YfSpXLKPZRXAasAKvbVAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":324,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303104961112,"flow_src_last_pkt_time":1686303104961112,"flow_dst_last_pkt_time":1686303104961112,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303104961112,"l3_proto":"ip4","src_ip":"201.237.135.210","dst_ip":"165.114.202.61","src_port":37975,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":325,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686301765843785,"flow_src_last_pkt_time":1686301765843785,"flow_dst_last_pkt_time":1686301765843785,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303104961112,"l3_proto":"ip4","src_ip":"7.110.179.205","dst_ip":"165.144.84.62","src_port":58317,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":325,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303160580622,"flow_src_last_pkt_time":1686303160580622,"flow_dst_last_pkt_time":1686303160580622,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303160580622,"l3_proto":"ip4","src_ip":"57.162.128.234","dst_ip":"85.111.52.57","src_port":63808,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":325,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":319,"flow_packet_id":1,"flow_src_last_pkt_time":1686303160580622,"flow_dst_last_pkt_time":1686303160580622,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686303160580622,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+Py1AADQRI2U5ooDqVW80OflAAasAKpINAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":325,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303160580622,"flow_src_last_pkt_time":1686303160580622,"flow_dst_last_pkt_time":1686303160580622,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303160580622,"l3_proto":"ip4","src_ip":"57.162.128.234","dst_ip":"85.111.52.57","src_port":63808,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01115{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":326,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303104961112,"flow_src_last_pkt_time":1686303104961112,"flow_dst_last_pkt_time":1686303104961112,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303160580622,"l3_proto":"ip4","src_ip":"201.237.135.210","dst_ip":"165.114.202.61","src_port":37975,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":326,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":326,"packets-processed":325,"total-skipped-flows":0,"total-l4-payload-len":16577,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":319,"total-detection-updates":0,"total-updates":55,"current-active-flows":2,"total-active-flows":319,"total-idle-flows":317,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1548,"global_ts_usec":1686303829470774} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":326,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303829470774,"flow_src_last_pkt_time":1686303829470774,"flow_dst_last_pkt_time":1686303829470774,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303829470774,"l3_proto":"ip4","src_ip":"120.46.80.212","dst_ip":"74.111.203.55","src_port":60012,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":326,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":320,"flow_packet_id":1,"flow_src_last_pkt_time":1686303829470774,"flow_dst_last_pkt_time":1686303829470774,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686303829470774,"pkt":"ipffLU2SPJTVQTiBCABFAAA+mKZAADQRydB4LlDUSm\/LN+psAasAKqDGAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":326,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303829470774,"flow_src_last_pkt_time":1686303829470774,"flow_dst_last_pkt_time":1686303829470774,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303829470774,"l3_proto":"ip4","src_ip":"120.46.80.212","dst_ip":"74.111.203.55","src_port":60012,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303160580622,"flow_src_last_pkt_time":1686303160580622,"flow_dst_last_pkt_time":1686303160580622,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303829470774,"l3_proto":"ip4","src_ip":"57.162.128.234","dst_ip":"85.111.52.57","src_port":63808,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303104961112,"flow_src_last_pkt_time":1686303104961112,"flow_dst_last_pkt_time":1686303104961112,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303829470774,"l3_proto":"ip4","src_ip":"201.237.135.210","dst_ip":"165.114.202.61","src_port":37975,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":327,"packets-processed":326,"total-skipped-flows":0,"total-l4-payload-len":16611,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":320,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":320,"total-idle-flows":319,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1554,"global_ts_usec":1686304502775958} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686304502775958,"flow_src_last_pkt_time":1686304502775958,"flow_dst_last_pkt_time":1686304502775958,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686304502775958,"l3_proto":"ip4","src_ip":"57.162.128.234","dst_ip":"69.109.187.54","src_port":48188,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":321,"flow_packet_id":1,"flow_src_last_pkt_time":1686304502775958,"flow_dst_last_pkt_time":1686304502775958,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686304502775958,"pkt":"bpHurUgdPJTVQTiBCABFAAA+ef9AADQR6JY5ooDqRW27Nrw8AasAKs8VAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686304502775958,"flow_src_last_pkt_time":1686304502775958,"flow_dst_last_pkt_time":1686304502775958,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686304502775958,"l3_proto":"ip4","src_ip":"57.162.128.234","dst_ip":"69.109.187.54","src_port":48188,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":328,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303829470774,"flow_src_last_pkt_time":1686303829470774,"flow_dst_last_pkt_time":1686303829470774,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686304502775958,"l3_proto":"ip4","src_ip":"120.46.80.212","dst_ip":"74.111.203.55","src_port":60012,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":328,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686304868179785,"flow_src_last_pkt_time":1686304868179785,"flow_dst_last_pkt_time":1686304868179785,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686304868179785,"l3_proto":"ip4","src_ip":"57.162.128.234","dst_ip":"90.141.37.56","src_port":19665,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":328,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":322,"flow_packet_id":1,"flow_src_last_pkt_time":1686304868179785,"flow_dst_last_pkt_time":1686304868179785,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686304868179785,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+RtxAADQRG7c5ooDqWo0lOEzRAasAKj5+AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":328,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686304868179785,"flow_src_last_pkt_time":1686304868179785,"flow_dst_last_pkt_time":1686304868179785,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686304868179785,"l3_proto":"ip4","src_ip":"57.162.128.234","dst_ip":"90.141.37.56","src_port":19665,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":329,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686304502775958,"flow_src_last_pkt_time":1686304502775958,"flow_dst_last_pkt_time":1686304502775958,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686304868179785,"l3_proto":"ip4","src_ip":"57.162.128.234","dst_ip":"69.109.187.54","src_port":48188,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":329,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":329,"packets-processed":328,"total-skipped-flows":0,"total-l4-payload-len":16679,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":322,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":322,"total-idle-flows":321,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1563,"global_ts_usec":1686305286126745} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":329,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686305286126745,"flow_src_last_pkt_time":1686305286126745,"flow_dst_last_pkt_time":1686305286126745,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686305286126745,"l3_proto":"ip4","src_ip":"201.237.135.210","dst_ip":"90.145.180.58","src_port":6545,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":329,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":323,"flow_packet_id":1,"flow_src_last_pkt_time":1686305286126745,"flow_dst_last_pkt_time":1686305286126745,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686305286126745,"pkt":"bs1PogZtPJTVQTiBCABFAAA+FfdAADQRTH3J7YfSWpG0OhmRAasAKnGfAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":329,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686305286126745,"flow_src_last_pkt_time":1686305286126745,"flow_dst_last_pkt_time":1686305286126745,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686305286126745,"l3_proto":"ip4","src_ip":"201.237.135.210","dst_ip":"90.145.180.58","src_port":6545,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":330,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686304868179785,"flow_src_last_pkt_time":1686304868179785,"flow_dst_last_pkt_time":1686304868179785,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686305286126745,"l3_proto":"ip4","src_ip":"57.162.128.234","dst_ip":"90.141.37.56","src_port":19665,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":330,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686305534685025,"flow_src_last_pkt_time":1686305534685025,"flow_dst_last_pkt_time":1686305534685025,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686305534685025,"l3_proto":"ip4","src_ip":"247.93.183.197","dst_ip":"90.147.171.51","src_port":10997,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":330,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":324,"flow_packet_id":1,"flow_src_last_pkt_time":1686305534685025,"flow_dst_last_pkt_time":1686305534685025,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686305534685025,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+A\/BAADQRXnX3XbfFWpOrMyr1AasAKmAsAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":330,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686305534685025,"flow_src_last_pkt_time":1686305534685025,"flow_dst_last_pkt_time":1686305534685025,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686305534685025,"l3_proto":"ip4","src_ip":"247.93.183.197","dst_ip":"90.147.171.51","src_port":10997,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":331,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686305544554511,"flow_src_last_pkt_time":1686305544554511,"flow_dst_last_pkt_time":1686305544554511,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686305544554511,"l3_proto":"ip4","src_ip":"247.93.183.197","dst_ip":"186.112.202.53","src_port":8213,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":331,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":325,"flow_packet_id":1,"flow_src_last_pkt_time":1686305544554511,"flow_dst_last_pkt_time":1686305544554511,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686305544554511,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+PF5AADQRJgP3XbfFunDKNSAVAasAKmsIAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":331,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686305544554511,"flow_src_last_pkt_time":1686305544554511,"flow_dst_last_pkt_time":1686305544554511,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686305544554511,"l3_proto":"ip4","src_ip":"247.93.183.197","dst_ip":"186.112.202.53","src_port":8213,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":332,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686305286126745,"flow_src_last_pkt_time":1686305286126745,"flow_dst_last_pkt_time":1686305286126745,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686305544554511,"l3_proto":"ip4","src_ip":"201.237.135.210","dst_ip":"90.145.180.58","src_port":6545,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":332,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":332,"packets-processed":331,"total-skipped-flows":0,"total-l4-payload-len":16781,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":325,"total-detection-updates":0,"total-updates":55,"current-active-flows":2,"total-active-flows":325,"total-idle-flows":323,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1575,"global_ts_usec":1686312624909971} +00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":332,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686312624909971,"flow_src_last_pkt_time":1686312624909971,"flow_dst_last_pkt_time":1686312624909971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686312624909971,"l3_proto":"ip4","src_ip":"37.97.4.125","dst_ip":"90.141.37.56","src_port":16072,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":332,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":326,"flow_packet_id":1,"flow_src_last_pkt_time":1686312624909971,"flow_dst_last_pkt_time":1686312624909971,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686312624909971,"pkt":"3jHC4dyOPJTVQTiBCABFAABLr5UAACcRI44lYQR9Wo0lOD7IAasAN\/BtAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01068{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":332,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686312624909971,"flow_src_last_pkt_time":1686312624909971,"flow_dst_last_pkt_time":1686312624909971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686312624909971,"l3_proto":"ip4","src_ip":"37.97.4.125","dst_ip":"90.141.37.56","src_port":16072,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686305544554511,"flow_src_last_pkt_time":1686305544554511,"flow_dst_last_pkt_time":1686305544554511,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686312624909971,"l3_proto":"ip4","src_ip":"247.93.183.197","dst_ip":"186.112.202.53","src_port":8213,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686305534685025,"flow_src_last_pkt_time":1686305534685025,"flow_dst_last_pkt_time":1686305534685025,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686312624909971,"l3_proto":"ip4","src_ip":"247.93.183.197","dst_ip":"90.147.171.51","src_port":10997,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":333,"packets-processed":332,"total-skipped-flows":0,"total-l4-payload-len":16828,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":326,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":326,"total-idle-flows":325,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1581,"global_ts_usec":1686321706660675} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686321706660675,"flow_src_last_pkt_time":1686321706660675,"flow_dst_last_pkt_time":1686321706660675,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686321706660675,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"85.111.52.57","src_port":34761,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":327,"flow_packet_id":1,"flow_src_last_pkt_time":1686321706660675,"flow_dst_last_pkt_time":1686321706660675,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686321706660675,"pkt":"moT+\/Ph8PJTVQTiBCABFAAB+1DEAAPMRCZD2S2hzVW80OYfJAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686321706660675,"flow_src_last_pkt_time":1686321706660675,"flow_dst_last_pkt_time":1686321706660675,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686321706660675,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"85.111.52.57","src_port":34761,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01107{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686312624909971,"flow_src_last_pkt_time":1686312624909971,"flow_dst_last_pkt_time":1686312624909971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686321706660675,"l3_proto":"ip4","src_ip":"37.97.4.125","dst_ip":"90.141.37.56","src_port":16072,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":334,"packets-processed":333,"total-skipped-flows":0,"total-l4-payload-len":16926,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":327,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":327,"total-idle-flows":326,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1586,"global_ts_usec":1686324009293668} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324009293668,"flow_src_last_pkt_time":1686324009293668,"flow_dst_last_pkt_time":1686324009293668,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686324009293668,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.141.37.56","src_port":51620,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":328,"flow_packet_id":1,"flow_src_last_pkt_time":1686324009293668,"flow_dst_last_pkt_time":1686324009293668,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686324009293668,"pkt":"3jHC4dyOPJTVQTiBCABFCAB+1DEAAO0REAO2tHiLWo0lOMmkAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324009293668,"flow_src_last_pkt_time":1686324009293668,"flow_dst_last_pkt_time":1686324009293668,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686324009293668,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.141.37.56","src_port":51620,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":335,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686321706660675,"flow_src_last_pkt_time":1686321706660675,"flow_dst_last_pkt_time":1686321706660675,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686324009293668,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"85.111.52.57","src_port":34761,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":335,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":335,"packets-processed":334,"total-skipped-flows":0,"total-l4-payload-len":17024,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":328,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":328,"total-idle-flows":327,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1591,"global_ts_usec":1686324751894084} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":335,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324751894084,"flow_src_last_pkt_time":1686324751894084,"flow_dst_last_pkt_time":1686324751894084,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686324751894084,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"90.145.180.58","src_port":41843,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":335,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":329,"flow_packet_id":1,"flow_src_last_pkt_time":1686324751894084,"flow_dst_last_pkt_time":1686324751894084,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686324751894084,"pkt":"bs1PogZtPJTVQTiBCABFCAB+1DEAAO0RqigTY5KcWpG0OqNzAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":335,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324751894084,"flow_src_last_pkt_time":1686324751894084,"flow_dst_last_pkt_time":1686324751894084,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686324751894084,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"90.145.180.58","src_port":41843,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":336,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324009293668,"flow_src_last_pkt_time":1686324009293668,"flow_dst_last_pkt_time":1686324009293668,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686324751894084,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.141.37.56","src_port":51620,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":336,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324780665773,"flow_src_last_pkt_time":1686324780665773,"flow_dst_last_pkt_time":1686324780665773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686324780665773,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.111.212.50","src_port":29266,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00577{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":336,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":330,"flow_packet_id":1,"flow_src_last_pkt_time":1686324780665773,"flow_dst_last_pkt_time":1686324780665773,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686324780665773,"pkt":"AAwp30Y4PJTVQTiBCABFAABL\/uwAACcR1DRiZ\/1zWm\/UMnJSAasAN7zhAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":336,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324780665773,"flow_src_last_pkt_time":1686324780665773,"flow_dst_last_pkt_time":1686324780665773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686324780665773,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.111.212.50","src_port":29266,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":337,"packets-processed":336,"total-skipped-flows":0,"total-l4-payload-len":17169,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":330,"total-detection-updates":0,"total-updates":55,"current-active-flows":2,"total-active-flows":330,"total-idle-flows":328,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1599,"global_ts_usec":1686325702442238} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686325702442238,"flow_src_last_pkt_time":1686325702442238,"flow_dst_last_pkt_time":1686325702442238,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686325702442238,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.111.212.50","src_port":34997,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":331,"flow_packet_id":1,"flow_src_last_pkt_time":1686325702442238,"flow_dst_last_pkt_time":1686325702442238,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686325702442238,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRCZXItJByWm\/UMoi1AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686325702442238,"flow_src_last_pkt_time":1686325702442238,"flow_dst_last_pkt_time":1686325702442238,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686325702442238,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.111.212.50","src_port":34997,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":338,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324751894084,"flow_src_last_pkt_time":1686324751894084,"flow_dst_last_pkt_time":1686324751894084,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686325702442238,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"90.145.180.58","src_port":41843,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":338,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324780665773,"flow_src_last_pkt_time":1686324780665773,"flow_dst_last_pkt_time":1686324780665773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686325702442238,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.111.212.50","src_port":29266,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":338,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":338,"packets-processed":337,"total-skipped-flows":0,"total-l4-payload-len":17267,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":331,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":331,"total-idle-flows":330,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1605,"global_ts_usec":1686326962813579} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":338,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686326962813579,"flow_src_last_pkt_time":1686326962813579,"flow_dst_last_pkt_time":1686326962813579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686326962813579,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.147.171.51","src_port":32881,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":338,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":332,"flow_packet_id":1,"flow_src_last_pkt_time":1686326962813579,"flow_dst_last_pkt_time":1686326962813579,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686326962813579,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRCZbItJByWpOrM4BxAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":338,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686326962813579,"flow_src_last_pkt_time":1686326962813579,"flow_dst_last_pkt_time":1686326962813579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686326962813579,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.147.171.51","src_port":32881,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":339,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686325702442238,"flow_src_last_pkt_time":1686325702442238,"flow_dst_last_pkt_time":1686325702442238,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686326962813579,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.111.212.50","src_port":34997,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":339,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":339,"packets-processed":338,"total-skipped-flows":0,"total-l4-payload-len":17365,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":332,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":332,"total-idle-flows":331,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1610,"global_ts_usec":1686329069716669} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":339,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686329069716669,"flow_src_last_pkt_time":1686329069716669,"flow_dst_last_pkt_time":1686329069716669,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686329069716669,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"165.144.84.62","src_port":36679,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":339,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":333,"flow_packet_id":1,"flow_src_last_pkt_time":1686329069716669,"flow_dst_last_pkt_time":1686329069716669,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686329069716669,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRCYvItJBypZBUPo9HAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":339,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686329069716669,"flow_src_last_pkt_time":1686329069716669,"flow_dst_last_pkt_time":1686329069716669,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686329069716669,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"165.144.84.62","src_port":36679,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":340,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686326962813579,"flow_src_last_pkt_time":1686326962813579,"flow_dst_last_pkt_time":1686326962813579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686329069716669,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.147.171.51","src_port":32881,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":340,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":340,"packets-processed":339,"total-skipped-flows":0,"total-l4-payload-len":17463,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":333,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":333,"total-idle-flows":332,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1615,"global_ts_usec":1686330200907102} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":340,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686330200907102,"flow_src_last_pkt_time":1686330200907102,"flow_dst_last_pkt_time":1686330200907102,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686330200907102,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"186.112.202.53","src_port":50741,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":340,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":334,"flow_packet_id":1,"flow_src_last_pkt_time":1686330200907102,"flow_dst_last_pkt_time":1686330200907102,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686330200907102,"pkt":"xmjqc4OdPJTVQTiBCABFCAB+1DEAAO0RqigTnLybunDKNcY1AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":340,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686330200907102,"flow_src_last_pkt_time":1686330200907102,"flow_dst_last_pkt_time":1686330200907102,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686330200907102,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"186.112.202.53","src_port":50741,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":341,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686329069716669,"flow_src_last_pkt_time":1686329069716669,"flow_dst_last_pkt_time":1686329069716669,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686330200907102,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"165.144.84.62","src_port":36679,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":341,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":341,"packets-processed":340,"total-skipped-flows":0,"total-l4-payload-len":17561,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":334,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":334,"total-idle-flows":333,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1620,"global_ts_usec":1686331103032820} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":341,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686331103032820,"flow_src_last_pkt_time":1686331103032820,"flow_dst_last_pkt_time":1686331103032820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686331103032820,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"69.109.187.54","src_port":52293,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":341,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":335,"flow_packet_id":1,"flow_src_last_pkt_time":1686331103032820,"flow_dst_last_pkt_time":1686331103032820,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686331103032820,"pkt":"bpHurUgdPJTVQTiBCABFCAB+1DEAAO0REA2GtJCVRW27NsxFAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":341,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686331103032820,"flow_src_last_pkt_time":1686331103032820,"flow_dst_last_pkt_time":1686331103032820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686331103032820,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"69.109.187.54","src_port":52293,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":342,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686330200907102,"flow_src_last_pkt_time":1686330200907102,"flow_dst_last_pkt_time":1686330200907102,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686331103032820,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"186.112.202.53","src_port":50741,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":342,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686331598448412,"flow_src_last_pkt_time":1686331598448412,"flow_dst_last_pkt_time":1686331598448412,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686331598448412,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"74.111.203.55","src_port":57184,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":342,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":336,"flow_packet_id":1,"flow_src_last_pkt_time":1686331598448412,"flow_dst_last_pkt_time":1686331598448412,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686331598448412,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAPMRCZTItJBySm\/LN99gAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":342,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686331598448412,"flow_src_last_pkt_time":1686331598448412,"flow_dst_last_pkt_time":1686331598448412,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686331598448412,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"74.111.203.55","src_port":57184,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":343,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686331103032820,"flow_src_last_pkt_time":1686331103032820,"flow_dst_last_pkt_time":1686331103032820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686331598448412,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"69.109.187.54","src_port":52293,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":343,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":343,"packets-processed":342,"total-skipped-flows":0,"total-l4-payload-len":17757,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":336,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":336,"total-idle-flows":335,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1629,"global_ts_usec":1686332169029831} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":343,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686332169029831,"flow_src_last_pkt_time":1686332169029831,"flow_dst_last_pkt_time":1686332169029831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686332169029831,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"165.114.202.61","src_port":54751,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":343,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":337,"flow_packet_id":1,"flow_src_last_pkt_time":1686332169029831,"flow_dst_last_pkt_time":1686332169029831,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686332169029831,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAO0RqhguZGGTpXLKPdXfAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":343,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686332169029831,"flow_src_last_pkt_time":1686332169029831,"flow_dst_last_pkt_time":1686332169029831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686332169029831,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"165.114.202.61","src_port":54751,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":344,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686331598448412,"flow_src_last_pkt_time":1686331598448412,"flow_dst_last_pkt_time":1686331598448412,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686332169029831,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"74.111.203.55","src_port":57184,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":344,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":344,"packets-processed":343,"total-skipped-flows":0,"total-l4-payload-len":17855,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":337,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":337,"total-idle-flows":336,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1634,"global_ts_usec":1686334800212088} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":344,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334800212088,"flow_src_last_pkt_time":1686334800212088,"flow_dst_last_pkt_time":1686334800212088,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334800212088,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"90.147.171.51","src_port":58914,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":344,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":338,"flow_packet_id":1,"flow_src_last_pkt_time":1686334800212088,"flow_dst_last_pkt_time":1686334800212088,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686334800212088,"pkt":"AAwp30Y4PJTVQTiBCABFAABSPDMAAOoRJurHERCvWpOrM+YiAasAPi4OAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":344,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334800212088,"flow_src_last_pkt_time":1686334800212088,"flow_dst_last_pkt_time":1686334800212088,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334800212088,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"90.147.171.51","src_port":58914,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":345,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686332169029831,"flow_src_last_pkt_time":1686332169029831,"flow_dst_last_pkt_time":1686332169029831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334800212088,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"165.114.202.61","src_port":54751,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":345,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334813478068,"flow_src_last_pkt_time":1686334813478068,"flow_dst_last_pkt_time":1686334813478068,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334813478068,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"165.114.202.61","src_port":58914,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":345,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":339,"flow_packet_id":1,"flow_src_last_pkt_time":1686334813478068,"flow_dst_last_pkt_time":1686334813478068,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686334813478068,"pkt":"AAwp30Y4PJTVQTiBCABFAABSDNYAAOoRVjvHERCvpXLKPeYiAasAPi4CAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":345,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334813478068,"flow_src_last_pkt_time":1686334813478068,"flow_dst_last_pkt_time":1686334813478068,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334813478068,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"165.114.202.61","src_port":58914,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":346,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334820850736,"flow_src_last_pkt_time":1686334820850736,"flow_dst_last_pkt_time":1686334820850736,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334820850736,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"69.109.187.54","src_port":58914,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":346,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":340,"flow_packet_id":1,"flow_src_last_pkt_time":1686334820850736,"flow_dst_last_pkt_time":1686334820850736,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686334820850736,"pkt":"bpHurUgdPJTVQTiBCABFAABSLZEAAOoRNYnHERCvRW27NuYiAasAPi4LAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":346,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334820850736,"flow_src_last_pkt_time":1686334820850736,"flow_dst_last_pkt_time":1686334820850736,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334820850736,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"69.109.187.54","src_port":58914,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334831559203,"flow_src_last_pkt_time":1686334831559203,"flow_dst_last_pkt_time":1686334831559203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334831559203,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"186.112.202.53","src_port":58914,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":341,"flow_packet_id":1,"flow_src_last_pkt_time":1686334831559203,"flow_dst_last_pkt_time":1686334831559203,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686334831559203,"pkt":"xmjqc4OdPJTVQTiBCABFAABSRCEAAOoRHvjHERCvunDKNeYiAasAPi4KAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334831559203,"flow_src_last_pkt_time":1686334831559203,"flow_dst_last_pkt_time":1686334831559203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334831559203,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"186.112.202.53","src_port":58914,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":348,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334859871850,"flow_src_last_pkt_time":1686334859871850,"flow_dst_last_pkt_time":1686334859871850,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334859871850,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"90.111.212.50","src_port":58914,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":348,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":342,"flow_packet_id":1,"flow_src_last_pkt_time":1686334859871850,"flow_dst_last_pkt_time":1686334859871850,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686334859871850,"pkt":"AAwp30Y4PJTVQTiBCABFAABSmC0AAOoRyu7HERCvWm\/UMuYiAasAPi4NAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":348,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334859871850,"flow_src_last_pkt_time":1686334859871850,"flow_dst_last_pkt_time":1686334859871850,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334859871850,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"90.111.212.50","src_port":58914,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334813478068,"flow_src_last_pkt_time":1686334813478068,"flow_dst_last_pkt_time":1686334813478068,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334859871850,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"165.114.202.61","src_port":58914,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334800212088,"flow_src_last_pkt_time":1686334800212088,"flow_dst_last_pkt_time":1686334800212088,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334859871850,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"90.147.171.51","src_port":58914,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":349,"packets-processed":348,"total-skipped-flows":0,"total-l4-payload-len":18125,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":342,"total-detection-updates":0,"total-updates":57,"current-active-flows":5,"total-active-flows":342,"total-idle-flows":337,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1653,"global_ts_usec":1686335939300740} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686335939300740,"flow_src_last_pkt_time":1686335939300740,"flow_dst_last_pkt_time":1686335939300740,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686335939300740,"l3_proto":"ip4","src_ip":"198.215.2.104","dst_ip":"165.114.202.61","src_port":55462,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":343,"flow_packet_id":1,"flow_src_last_pkt_time":1686335939300740,"flow_dst_last_pkt_time":1686335939300740,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686335939300740,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbZXG1wJopXLKPdimAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686335939300740,"flow_src_last_pkt_time":1686335939300740,"flow_dst_last_pkt_time":1686335939300740,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686335939300740,"l3_proto":"ip4","src_ip":"198.215.2.104","dst_ip":"165.114.202.61","src_port":55462,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":350,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334859871850,"flow_src_last_pkt_time":1686334859871850,"flow_dst_last_pkt_time":1686334859871850,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686335939300740,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"90.111.212.50","src_port":58914,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":350,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334831559203,"flow_src_last_pkt_time":1686334831559203,"flow_dst_last_pkt_time":1686334831559203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686335939300740,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"186.112.202.53","src_port":58914,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":350,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334813478068,"flow_src_last_pkt_time":1686334813478068,"flow_dst_last_pkt_time":1686334813478068,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686335939300740,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"165.114.202.61","src_port":58914,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":350,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334800212088,"flow_src_last_pkt_time":1686334800212088,"flow_dst_last_pkt_time":1686334800212088,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686335939300740,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"90.147.171.51","src_port":58914,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":350,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334820850736,"flow_src_last_pkt_time":1686334820850736,"flow_dst_last_pkt_time":1686334820850736,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686335939300740,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"69.109.187.54","src_port":58914,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":350,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686336218624230,"flow_src_last_pkt_time":1686336218624230,"flow_dst_last_pkt_time":1686336218624230,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686336218624230,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"165.114.202.61","src_port":54219,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":350,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":344,"flow_packet_id":1,"flow_src_last_pkt_time":1686336218624230,"flow_dst_last_pkt_time":1686336218624230,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686336218624230,"pkt":"AAwp30Y4PJTVQTiBCABFCABLMOwAACQRk3IbhqncpXLKPdPLAasAN0mtAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":350,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686336218624230,"flow_src_last_pkt_time":1686336218624230,"flow_dst_last_pkt_time":1686336218624230,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686336218624230,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"165.114.202.61","src_port":54219,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686335939300740,"flow_src_last_pkt_time":1686335939300740,"flow_dst_last_pkt_time":1686335939300740,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686336218624230,"l3_proto":"ip4","src_ip":"198.215.2.104","dst_ip":"165.114.202.61","src_port":55462,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":351,"packets-processed":350,"total-skipped-flows":0,"total-l4-payload-len":18201,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":344,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":344,"total-idle-flows":343,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1666,"global_ts_usec":1686337417264371} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686337417264371,"flow_src_last_pkt_time":1686337417264371,"flow_dst_last_pkt_time":1686337417264371,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686337417264371,"l3_proto":"ip4","src_ip":"80.16.56.40","dst_ip":"74.111.203.55","src_port":49864,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":1,"flow_src_last_pkt_time":1686337417264371,"flow_dst_last_pkt_time":1686337417264371,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686337417264371,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPkRX4BQEDgoSm\/LN8LIAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686337417264371,"flow_src_last_pkt_time":1686337417264371,"flow_dst_last_pkt_time":1686337417264371,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686337417264371,"l3_proto":"ip4","src_ip":"80.16.56.40","dst_ip":"74.111.203.55","src_port":49864,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686336218624230,"flow_src_last_pkt_time":1686336218624230,"flow_dst_last_pkt_time":1686336218624230,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686337417264371,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"165.114.202.61","src_port":54219,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":352,"packets-processed":351,"total-skipped-flows":0,"total-l4-payload-len":18230,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":345,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":345,"total-idle-flows":344,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1671,"global_ts_usec":1686348943265542} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686348943265542,"flow_src_last_pkt_time":1686348943265542,"flow_dst_last_pkt_time":1686348943265542,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686348943265542,"l3_proto":"ip4","src_ip":"206.240.152.225","dst_ip":"90.145.180.58","src_port":52955,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":346,"flow_packet_id":1,"flow_src_last_pkt_time":1686348943265542,"flow_dst_last_pkt_time":1686348943265542,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686348943265542,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPkRX\/PO8JjhWpG0Os7bAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686348943265542,"flow_src_last_pkt_time":1686348943265542,"flow_dst_last_pkt_time":1686348943265542,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686348943265542,"l3_proto":"ip4","src_ip":"206.240.152.225","dst_ip":"90.145.180.58","src_port":52955,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":353,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686337417264371,"flow_src_last_pkt_time":1686337417264371,"flow_dst_last_pkt_time":1686337417264371,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686348943265542,"l3_proto":"ip4","src_ip":"80.16.56.40","dst_ip":"74.111.203.55","src_port":49864,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":353,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":353,"packets-processed":352,"total-skipped-flows":0,"total-l4-payload-len":18259,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":346,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":346,"total-idle-flows":345,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1676,"global_ts_usec":1686352403512683} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":353,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686352403512683,"flow_src_last_pkt_time":1686352403512683,"flow_dst_last_pkt_time":1686352403512683,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686352403512683,"l3_proto":"ip4","src_ip":"172.206.191.39","dst_ip":"165.144.84.62","src_port":55684,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":353,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":347,"flow_packet_id":1,"flow_src_last_pkt_time":1686352403512683,"flow_dst_last_pkt_time":1686352403512683,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686352403512683,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXnuszr8npZBUPtmEAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":353,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686352403512683,"flow_src_last_pkt_time":1686352403512683,"flow_dst_last_pkt_time":1686352403512683,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686352403512683,"l3_proto":"ip4","src_ip":"172.206.191.39","dst_ip":"165.144.84.62","src_port":55684,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":354,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686348943265542,"flow_src_last_pkt_time":1686348943265542,"flow_dst_last_pkt_time":1686348943265542,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686352403512683,"l3_proto":"ip4","src_ip":"206.240.152.225","dst_ip":"90.145.180.58","src_port":52955,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":354,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":354,"packets-processed":353,"total-skipped-flows":0,"total-l4-payload-len":18288,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":347,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":347,"total-idle-flows":346,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1681,"global_ts_usec":1686355642711445} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":354,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686355642711445,"flow_src_last_pkt_time":1686355642711445,"flow_dst_last_pkt_time":1686355642711445,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686355642711445,"l3_proto":"ip4","src_ip":"175.206.31.84","dst_ip":"69.109.187.54","src_port":52553,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":354,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":348,"flow_packet_id":1,"flow_src_last_pkt_time":1686355642711445,"flow_dst_last_pkt_time":1686355642711445,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686355642711445,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPkRX5yvzh9URW27Ns1JAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":354,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686355642711445,"flow_src_last_pkt_time":1686355642711445,"flow_dst_last_pkt_time":1686355642711445,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686355642711445,"l3_proto":"ip4","src_ip":"175.206.31.84","dst_ip":"69.109.187.54","src_port":52553,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":355,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686352403512683,"flow_src_last_pkt_time":1686352403512683,"flow_dst_last_pkt_time":1686352403512683,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686355642711445,"l3_proto":"ip4","src_ip":"172.206.191.39","dst_ip":"165.144.84.62","src_port":55684,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":355,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":355,"packets-processed":354,"total-skipped-flows":0,"total-l4-payload-len":18317,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":348,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":348,"total-idle-flows":347,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1686,"global_ts_usec":1686356686492578} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":355,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686356686492578,"flow_src_last_pkt_time":1686356686492578,"flow_dst_last_pkt_time":1686356686492578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686356686492578,"l3_proto":"ip4","src_ip":"80.51.127.74","dst_ip":"85.111.52.57","src_port":54217,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":355,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":349,"flow_packet_id":1,"flow_src_last_pkt_time":1686356686492578,"flow_dst_last_pkt_time":1686356686492578,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686356686492578,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPoRXo5QM39KVW80OdPJAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":355,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686356686492578,"flow_src_last_pkt_time":1686356686492578,"flow_dst_last_pkt_time":1686356686492578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686356686492578,"l3_proto":"ip4","src_ip":"80.51.127.74","dst_ip":"85.111.52.57","src_port":54217,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686355642711445,"flow_src_last_pkt_time":1686355642711445,"flow_dst_last_pkt_time":1686355642711445,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686356686492578,"l3_proto":"ip4","src_ip":"175.206.31.84","dst_ip":"69.109.187.54","src_port":52553,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":356,"packets-processed":355,"total-skipped-flows":0,"total-l4-payload-len":18346,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":349,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":349,"total-idle-flows":348,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1691,"global_ts_usec":1686361225400035} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686361225400035,"flow_src_last_pkt_time":1686361225400035,"flow_dst_last_pkt_time":1686361225400035,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686361225400035,"l3_proto":"ip4","src_ip":"198.23.89.28","dst_ip":"186.112.202.53","src_port":51231,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":350,"flow_packet_id":1,"flow_src_last_pkt_time":1686361225400035,"flow_dst_last_pkt_time":1686361225400035,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686361225400035,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRbUHGF1kcunDKNcgfAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686361225400035,"flow_src_last_pkt_time":1686361225400035,"flow_dst_last_pkt_time":1686361225400035,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686361225400035,"l3_proto":"ip4","src_ip":"198.23.89.28","dst_ip":"186.112.202.53","src_port":51231,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":357,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686356686492578,"flow_src_last_pkt_time":1686356686492578,"flow_dst_last_pkt_time":1686356686492578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686361225400035,"l3_proto":"ip4","src_ip":"80.51.127.74","dst_ip":"85.111.52.57","src_port":54217,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":357,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":357,"packets-processed":356,"total-skipped-flows":0,"total-l4-payload-len":18375,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":350,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":350,"total-idle-flows":349,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1696,"global_ts_usec":1686376742132232} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":357,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":351,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686376742132232,"flow_src_last_pkt_time":1686376742132232,"flow_dst_last_pkt_time":1686376742132232,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686376742132232,"l3_proto":"ip4","src_ip":"98.137.3.114","dst_ip":"74.111.203.55","src_port":25821,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":357,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":351,"flow_packet_id":1,"flow_src_last_pkt_time":1686376742132232,"flow_dst_last_pkt_time":1686376742132232,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686376742132232,"pkt":"ipffLU2SPJTVQTiBCABFAABL5L0AACcR7mFiiQNySm\/LN2TdAasAN8pUAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":357,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":351,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686376742132232,"flow_src_last_pkt_time":1686376742132232,"flow_dst_last_pkt_time":1686376742132232,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686376742132232,"l3_proto":"ip4","src_ip":"98.137.3.114","dst_ip":"74.111.203.55","src_port":25821,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":358,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686361225400035,"flow_src_last_pkt_time":1686361225400035,"flow_dst_last_pkt_time":1686361225400035,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686376742132232,"l3_proto":"ip4","src_ip":"198.23.89.28","dst_ip":"186.112.202.53","src_port":51231,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":358,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":352,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686377192208651,"flow_src_last_pkt_time":1686377192208651,"flow_dst_last_pkt_time":1686377192208651,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686377192208651,"l3_proto":"ip4","src_ip":"219.160.101.209","dst_ip":"186.112.202.53","src_port":10322,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":358,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":352,"flow_packet_id":1,"flow_src_last_pkt_time":1686377192208651,"flow_dst_last_pkt_time":1686377192208651,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686377192208651,"pkt":"xmjqc4OdPJTVQTiBCABFCABLA5EAACQRwODboGXRunDKNShSAasAN\/U5AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":358,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":352,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686377192208651,"flow_src_last_pkt_time":1686377192208651,"flow_dst_last_pkt_time":1686377192208651,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686377192208651,"l3_proto":"ip4","src_ip":"219.160.101.209","dst_ip":"186.112.202.53","src_port":10322,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":359,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":351,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686376742132232,"flow_src_last_pkt_time":1686376742132232,"flow_dst_last_pkt_time":1686376742132232,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686377192208651,"l3_proto":"ip4","src_ip":"98.137.3.114","dst_ip":"74.111.203.55","src_port":25821,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":359,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":359,"packets-processed":358,"total-skipped-flows":0,"total-l4-payload-len":18469,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":352,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":352,"total-idle-flows":351,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1705,"global_ts_usec":1686378731428268} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":359,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686378731428268,"flow_src_last_pkt_time":1686378731428268,"flow_dst_last_pkt_time":1686378731428268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686378731428268,"l3_proto":"ip4","src_ip":"161.231.128.245","dst_ip":"90.141.37.56","src_port":50837,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":359,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":353,"flow_packet_id":1,"flow_src_last_pkt_time":1686378731428268,"flow_dst_last_pkt_time":1686378731428268,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686378731428268,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPkRbdWh54D1Wo0lOMaVAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":359,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686378731428268,"flow_src_last_pkt_time":1686378731428268,"flow_dst_last_pkt_time":1686378731428268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686378731428268,"l3_proto":"ip4","src_ip":"161.231.128.245","dst_ip":"90.141.37.56","src_port":50837,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":352,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686377192208651,"flow_src_last_pkt_time":1686377192208651,"flow_dst_last_pkt_time":1686377192208651,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686378731428268,"l3_proto":"ip4","src_ip":"219.160.101.209","dst_ip":"186.112.202.53","src_port":10322,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":360,"packets-processed":359,"total-skipped-flows":0,"total-l4-payload-len":18498,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":353,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":353,"total-idle-flows":352,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1710,"global_ts_usec":1686384968861051} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":354,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686384968861051,"flow_src_last_pkt_time":1686384968861051,"flow_dst_last_pkt_time":1686384968861051,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686384968861051,"l3_proto":"ip4","src_ip":"166.191.37.51","dst_ip":"165.114.202.61","src_port":27637,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":354,"flow_packet_id":1,"flow_src_last_pkt_time":1686384968861051,"flow_dst_last_pkt_time":1686384968861051,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686384968861051,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+0ZZAADQRzpamvyUzpXLKPWv1AasAKlz0AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":354,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686384968861051,"flow_src_last_pkt_time":1686384968861051,"flow_dst_last_pkt_time":1686384968861051,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686384968861051,"l3_proto":"ip4","src_ip":"166.191.37.51","dst_ip":"165.114.202.61","src_port":27637,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":361,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686384968861051,"flow_src_last_pkt_time":1686384968861051,"flow_dst_last_pkt_time":1686384968861051,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686384968861051,"l3_proto":"ip4","src_ip":"70.63.213.48","dst_ip":"90.147.171.51","src_port":64393,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":361,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":355,"flow_packet_id":1,"flow_src_last_pkt_time":1686384968861051,"flow_dst_last_pkt_time":1686384968861051,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686384968861051,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+SnBAADQRVctGP9UwWpOrM\/uJAasAKs1tAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":361,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686384968861051,"flow_src_last_pkt_time":1686384968861051,"flow_dst_last_pkt_time":1686384968861051,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686384968861051,"l3_proto":"ip4","src_ip":"70.63.213.48","dst_ip":"90.147.171.51","src_port":64393,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":362,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686378731428268,"flow_src_last_pkt_time":1686378731428268,"flow_dst_last_pkt_time":1686378731428268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686384968861051,"l3_proto":"ip4","src_ip":"161.231.128.245","dst_ip":"90.141.37.56","src_port":50837,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":362,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":362,"packets-processed":361,"total-skipped-flows":0,"total-l4-payload-len":18566,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":355,"total-detection-updates":0,"total-updates":57,"current-active-flows":2,"total-active-flows":355,"total-idle-flows":353,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1718,"global_ts_usec":1686385671822712} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":362,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686385671822712,"flow_src_last_pkt_time":1686385671822712,"flow_dst_last_pkt_time":1686385671822712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686385671822712,"l3_proto":"ip4","src_ip":"89.198.219.40","dst_ip":"69.109.187.54","src_port":13087,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":362,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":356,"flow_packet_id":1,"flow_src_last_pkt_time":1686385671822712,"flow_dst_last_pkt_time":1686385671822712,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686385671822712,"pkt":"bpHurUgdPJTVQTiBCABFAAA+U4xAADQRTLRZxtsoRW27NjMfAasAKpXdAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":362,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686385671822712,"flow_src_last_pkt_time":1686385671822712,"flow_dst_last_pkt_time":1686385671822712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686385671822712,"l3_proto":"ip4","src_ip":"89.198.219.40","dst_ip":"69.109.187.54","src_port":13087,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":363,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686384968861051,"flow_src_last_pkt_time":1686384968861051,"flow_dst_last_pkt_time":1686384968861051,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686385671822712,"l3_proto":"ip4","src_ip":"70.63.213.48","dst_ip":"90.147.171.51","src_port":64393,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":363,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":354,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686384968861051,"flow_src_last_pkt_time":1686384968861051,"flow_dst_last_pkt_time":1686384968861051,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686385671822712,"l3_proto":"ip4","src_ip":"166.191.37.51","dst_ip":"165.114.202.61","src_port":27637,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":363,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686385950661692,"flow_src_last_pkt_time":1686385950661692,"flow_dst_last_pkt_time":1686385950661692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686385950661692,"l3_proto":"ip4","src_ip":"190.65.219.43","dst_ip":"90.111.212.50","src_port":9161,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":363,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":357,"flow_packet_id":1,"flow_src_last_pkt_time":1686385950661692,"flow_dst_last_pkt_time":1686385950661692,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686385950661692,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+uiVAADQR5hm+QdsrWm\/UMiPJAasAKqUyAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":363,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686385950661692,"flow_src_last_pkt_time":1686385950661692,"flow_dst_last_pkt_time":1686385950661692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686385950661692,"l3_proto":"ip4","src_ip":"190.65.219.43","dst_ip":"90.111.212.50","src_port":9161,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":364,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686385671822712,"flow_src_last_pkt_time":1686385671822712,"flow_dst_last_pkt_time":1686385671822712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686385950661692,"l3_proto":"ip4","src_ip":"89.198.219.40","dst_ip":"69.109.187.54","src_port":13087,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":364,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386074010980,"flow_src_last_pkt_time":1686386074010980,"flow_dst_last_pkt_time":1686386074010980,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386074010980,"l3_proto":"ip4","src_ip":"191.198.219.36","dst_ip":"85.111.52.57","src_port":43241,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00560{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":364,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":358,"flow_packet_id":1,"flow_src_last_pkt_time":1686386074010980,"flow_dst_last_pkt_time":1686386074010980,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686386074010980,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+UJdAADQRT6e\/xtskVW80OajpAasAKiARAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":364,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386074010980,"flow_src_last_pkt_time":1686386074010980,"flow_dst_last_pkt_time":1686386074010980,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386074010980,"l3_proto":"ip4","src_ip":"191.198.219.36","dst_ip":"85.111.52.57","src_port":43241,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":365,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686385950661692,"flow_src_last_pkt_time":1686385950661692,"flow_dst_last_pkt_time":1686385950661692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386074010980,"l3_proto":"ip4","src_ip":"190.65.219.43","dst_ip":"90.111.212.50","src_port":9161,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":365,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":359,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386117996493,"flow_src_last_pkt_time":1686386117996493,"flow_dst_last_pkt_time":1686386117996493,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386117996493,"l3_proto":"ip4","src_ip":"166.191.37.51","dst_ip":"186.112.202.53","src_port":27637,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":365,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":359,"flow_packet_id":1,"flow_src_last_pkt_time":1686386117996493,"flow_dst_last_pkt_time":1686386117996493,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686386117996493,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+tYhAADQR6qymvyUzunDKNWv1AasAKlz8AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":365,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":359,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386117996493,"flow_src_last_pkt_time":1686386117996493,"flow_dst_last_pkt_time":1686386117996493,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386117996493,"l3_proto":"ip4","src_ip":"166.191.37.51","dst_ip":"186.112.202.53","src_port":27637,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":366,"packets-processed":365,"total-skipped-flows":0,"total-l4-payload-len":18702,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":359,"total-detection-updates":0,"total-updates":58,"current-active-flows":3,"total-active-flows":359,"total-idle-flows":356,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1735,"global_ts_usec":1686386455119430} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386455119430,"flow_src_last_pkt_time":1686386455119430,"flow_dst_last_pkt_time":1686386455119430,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386455119430,"l3_proto":"ip4","src_ip":"94.70.203.49","dst_ip":"74.111.203.55","src_port":9065,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":360,"flow_packet_id":1,"flow_src_last_pkt_time":1686386455119430,"flow_dst_last_pkt_time":1686386455119430,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686386455119430,"pkt":"ipffLU2SPJTVQTiBCABFAAA+wzhAADQR3P9eRssxSm\/LNyNpAasAKqWLAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386455119430,"flow_src_last_pkt_time":1686386455119430,"flow_dst_last_pkt_time":1686386455119430,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386455119430,"l3_proto":"ip4","src_ip":"94.70.203.49","dst_ip":"74.111.203.55","src_port":9065,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":367,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386074010980,"flow_src_last_pkt_time":1686386074010980,"flow_dst_last_pkt_time":1686386074010980,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386455119430,"l3_proto":"ip4","src_ip":"191.198.219.36","dst_ip":"85.111.52.57","src_port":43241,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":367,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":359,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386117996493,"flow_src_last_pkt_time":1686386117996493,"flow_dst_last_pkt_time":1686386117996493,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386455119430,"l3_proto":"ip4","src_ip":"166.191.37.51","dst_ip":"186.112.202.53","src_port":27637,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":367,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686385950661692,"flow_src_last_pkt_time":1686385950661692,"flow_dst_last_pkt_time":1686385950661692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386455119430,"l3_proto":"ip4","src_ip":"190.65.219.43","dst_ip":"90.111.212.50","src_port":9161,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":367,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386733673439,"flow_src_last_pkt_time":1686386733673439,"flow_dst_last_pkt_time":1686386733673439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386733673439,"l3_proto":"ip4","src_ip":"166.191.37.51","dst_ip":"165.144.84.62","src_port":27637,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":367,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":361,"flow_packet_id":1,"flow_src_last_pkt_time":1686386733673439,"flow_dst_last_pkt_time":1686386733673439,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686386733673439,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+5RBAADQRux2mvyUzpZBUPmv1AasAKlz1AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":367,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386733673439,"flow_src_last_pkt_time":1686386733673439,"flow_dst_last_pkt_time":1686386733673439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386733673439,"l3_proto":"ip4","src_ip":"166.191.37.51","dst_ip":"165.144.84.62","src_port":27637,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":368,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386734896340,"flow_src_last_pkt_time":1686386734896340,"flow_dst_last_pkt_time":1686386734896340,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386734896340,"l3_proto":"ip4","src_ip":"166.65.42.37","dst_ip":"90.141.37.56","src_port":37412,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":368,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":362,"flow_packet_id":1,"flow_src_last_pkt_time":1686386734896340,"flow_dst_last_pkt_time":1686386734896340,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686386734896340,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+5ZxAADQRuqGmQSolWo0lOJIkAasAKjbWAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":368,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386734896340,"flow_src_last_pkt_time":1686386734896340,"flow_dst_last_pkt_time":1686386734896340,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386734896340,"l3_proto":"ip4","src_ip":"166.65.42.37","dst_ip":"90.141.37.56","src_port":37412,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":369,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386455119430,"flow_src_last_pkt_time":1686386455119430,"flow_dst_last_pkt_time":1686386455119430,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386734896340,"l3_proto":"ip4","src_ip":"94.70.203.49","dst_ip":"74.111.203.55","src_port":9065,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":369,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386835611315,"flow_src_last_pkt_time":1686386835611315,"flow_dst_last_pkt_time":1686386835611315,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386835611315,"l3_proto":"ip4","src_ip":"185.211.4.13","dst_ip":"90.111.212.50","src_port":55127,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":369,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":363,"flow_packet_id":1,"flow_src_last_pkt_time":1686386835611315,"flow_dst_last_pkt_time":1686386835611315,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686386835611315,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbDm50wQNWm\/UMtdXAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":369,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386835611315,"flow_src_last_pkt_time":1686386835611315,"flow_dst_last_pkt_time":1686386835611315,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386835611315,"l3_proto":"ip4","src_ip":"185.211.4.13","dst_ip":"90.111.212.50","src_port":55127,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386734896340,"flow_src_last_pkt_time":1686386734896340,"flow_dst_last_pkt_time":1686386734896340,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386835611315,"l3_proto":"ip4","src_ip":"166.65.42.37","dst_ip":"90.141.37.56","src_port":37412,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386733673439,"flow_src_last_pkt_time":1686386733673439,"flow_dst_last_pkt_time":1686386733673439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386835611315,"l3_proto":"ip4","src_ip":"166.191.37.51","dst_ip":"165.144.84.62","src_port":27637,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":370,"packets-processed":369,"total-skipped-flows":0,"total-l4-payload-len":18833,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":363,"total-detection-updates":0,"total-updates":60,"current-active-flows":3,"total-active-flows":363,"total-idle-flows":360,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1754,"global_ts_usec":1686401776042881} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686401776042881,"flow_src_last_pkt_time":1686401776042881,"flow_dst_last_pkt_time":1686401776042881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686401776042881,"l3_proto":"ip4","src_ip":"100.56.155.112","dst_ip":"90.141.37.56","src_port":12751,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":364,"flow_packet_id":1,"flow_src_last_pkt_time":1686401776042881,"flow_dst_last_pkt_time":1686401776042881,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686401776042881,"pkt":"3jHC4dyOPJTVQTiBCABFCABLnL8AACIRLehkOJtwWo0lODHPAasAN+\/yAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686401776042881,"flow_src_last_pkt_time":1686401776042881,"flow_dst_last_pkt_time":1686401776042881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686401776042881,"l3_proto":"ip4","src_ip":"100.56.155.112","dst_ip":"90.141.37.56","src_port":12751,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386734896340,"flow_src_last_pkt_time":1686386734896340,"flow_dst_last_pkt_time":1686386734896340,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686401776042881,"l3_proto":"ip4","src_ip":"166.65.42.37","dst_ip":"90.141.37.56","src_port":37412,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386835611315,"flow_src_last_pkt_time":1686386835611315,"flow_dst_last_pkt_time":1686386835611315,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686401776042881,"l3_proto":"ip4","src_ip":"185.211.4.13","dst_ip":"90.111.212.50","src_port":55127,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386733673439,"flow_src_last_pkt_time":1686386733673439,"flow_dst_last_pkt_time":1686386733673439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686401776042881,"l3_proto":"ip4","src_ip":"166.191.37.51","dst_ip":"165.144.84.62","src_port":27637,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":371,"packets-processed":370,"total-skipped-flows":0,"total-l4-payload-len":18880,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":364,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":364,"total-idle-flows":363,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1761,"global_ts_usec":1686404500406996} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686404500406996,"flow_src_last_pkt_time":1686404500406996,"flow_dst_last_pkt_time":1686404500406996,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686404500406996,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"90.111.212.50","src_port":44046,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":365,"flow_packet_id":1,"flow_src_last_pkt_time":1686404500406996,"flow_dst_last_pkt_time":1686404500406996,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686404500406996,"pkt":"AAwp30Y4PJTVQTiBCABFCABLxOMAACIRBdXjx1p6Wm\/UMqwOAasAN3XEAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686404500406996,"flow_src_last_pkt_time":1686404500406996,"flow_dst_last_pkt_time":1686404500406996,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686404500406996,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"90.111.212.50","src_port":44046,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686401776042881,"flow_src_last_pkt_time":1686401776042881,"flow_dst_last_pkt_time":1686401776042881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686404500406996,"l3_proto":"ip4","src_ip":"100.56.155.112","dst_ip":"90.141.37.56","src_port":12751,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":372,"packets-processed":371,"total-skipped-flows":0,"total-l4-payload-len":18927,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":365,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":365,"total-idle-flows":364,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1766,"global_ts_usec":1686408138334214} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686408138334214,"flow_src_last_pkt_time":1686408138334214,"flow_dst_last_pkt_time":1686408138334214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686408138334214,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.147.171.51","src_port":47863,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":366,"flow_packet_id":1,"flow_src_last_pkt_time":1686408138334214,"flow_dst_last_pkt_time":1686408138334214,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686408138334214,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRCZbItJByWpOrM7r3AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686408138334214,"flow_src_last_pkt_time":1686408138334214,"flow_dst_last_pkt_time":1686408138334214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686408138334214,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.147.171.51","src_port":47863,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":373,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686404500406996,"flow_src_last_pkt_time":1686404500406996,"flow_dst_last_pkt_time":1686404500406996,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686408138334214,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"90.111.212.50","src_port":44046,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":373,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":373,"packets-processed":372,"total-skipped-flows":0,"total-l4-payload-len":19025,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":366,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":366,"total-idle-flows":365,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1771,"global_ts_usec":1686409062599010} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":373,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686409062599010,"flow_src_last_pkt_time":1686409062599010,"flow_dst_last_pkt_time":1686409062599010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686409062599010,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"74.111.203.55","src_port":32952,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":373,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":367,"flow_packet_id":1,"flow_src_last_pkt_time":1686409062599010,"flow_dst_last_pkt_time":1686409062599010,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686409062599010,"pkt":"ipffLU2SPJTVQTiBCABFCAB+1DEAAOsRrC8TY5KcSm\/LN4C4AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":373,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686409062599010,"flow_src_last_pkt_time":1686409062599010,"flow_dst_last_pkt_time":1686409062599010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686409062599010,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"74.111.203.55","src_port":32952,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":374,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686408138334214,"flow_src_last_pkt_time":1686408138334214,"flow_dst_last_pkt_time":1686408138334214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686409062599010,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.147.171.51","src_port":47863,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":374,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":374,"packets-processed":373,"total-skipped-flows":0,"total-l4-payload-len":19123,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":367,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":367,"total-idle-flows":366,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1776,"global_ts_usec":1686410047846257} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":374,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686410047846257,"flow_src_last_pkt_time":1686410047846257,"flow_dst_last_pkt_time":1686410047846257,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686410047846257,"l3_proto":"ip4","src_ip":"209.124.163.157","dst_ip":"69.109.187.54","src_port":55599,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":374,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":368,"flow_packet_id":1,"flow_src_last_pkt_time":1686410047846257,"flow_dst_last_pkt_time":1686410047846257,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686410047846257,"pkt":"bpHurUgdPJTVQTiBCABFCAB+1DEAAOsRrC3RfKOdRW27NtkvAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":374,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686410047846257,"flow_src_last_pkt_time":1686410047846257,"flow_dst_last_pkt_time":1686410047846257,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686410047846257,"l3_proto":"ip4","src_ip":"209.124.163.157","dst_ip":"69.109.187.54","src_port":55599,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686409062599010,"flow_src_last_pkt_time":1686409062599010,"flow_dst_last_pkt_time":1686409062599010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686410047846257,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"74.111.203.55","src_port":32952,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":375,"packets-processed":374,"total-skipped-flows":0,"total-l4-payload-len":19221,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":368,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":368,"total-idle-flows":367,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1781,"global_ts_usec":1686412803511471} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":369,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686412803511471,"flow_src_last_pkt_time":1686412803511471,"flow_dst_last_pkt_time":1686412803511471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686412803511471,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.145.180.58","src_port":54859,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":369,"flow_packet_id":1,"flow_src_last_pkt_time":1686412803511471,"flow_dst_last_pkt_time":1686412803511471,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686412803511471,"pkt":"bs1PogZtPJTVQTiBCABFCABLZYcAACQRXt\/jhlHUWpG0OtZLAasAN0c1AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":369,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686412803511471,"flow_src_last_pkt_time":1686412803511471,"flow_dst_last_pkt_time":1686412803511471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686412803511471,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.145.180.58","src_port":54859,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":376,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686410047846257,"flow_src_last_pkt_time":1686410047846257,"flow_dst_last_pkt_time":1686410047846257,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686412803511471,"l3_proto":"ip4","src_ip":"209.124.163.157","dst_ip":"69.109.187.54","src_port":55599,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":376,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":376,"packets-processed":375,"total-skipped-flows":0,"total-l4-payload-len":19268,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":369,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":369,"total-idle-flows":368,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1786,"global_ts_usec":1686413757609123} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":376,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":370,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686413757609123,"flow_src_last_pkt_time":1686413757609123,"flow_dst_last_pkt_time":1686413757609123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686413757609123,"l3_proto":"ip4","src_ip":"45.131.161.152","dst_ip":"186.112.202.53","src_port":49844,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":376,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":370,"flow_packet_id":1,"flow_src_last_pkt_time":1686413757609123,"flow_dst_last_pkt_time":1686413757609123,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686413757609123,"pkt":"xmjqc4OdPJTVQTiBCABFCAB+1DEAAOsRrCstg6GYunDKNcK0AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":376,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":370,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686413757609123,"flow_src_last_pkt_time":1686413757609123,"flow_dst_last_pkt_time":1686413757609123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686413757609123,"l3_proto":"ip4","src_ip":"45.131.161.152","dst_ip":"186.112.202.53","src_port":49844,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":377,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":369,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686412803511471,"flow_src_last_pkt_time":1686412803511471,"flow_dst_last_pkt_time":1686412803511471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686413757609123,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.145.180.58","src_port":54859,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":377,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":371,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686414114295045,"flow_src_last_pkt_time":1686414114295045,"flow_dst_last_pkt_time":1686414114295045,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686414114295045,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.145.180.58","src_port":49951,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":377,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":371,"flow_packet_id":1,"flow_src_last_pkt_time":1686414114295045,"flow_dst_last_pkt_time":1686414114295045,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686414114295045,"pkt":"bs1PogZtPJTVQTiBCABFCAB+1DEAAOsREgeGtJCVWpG0OsMfAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":377,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":371,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686414114295045,"flow_src_last_pkt_time":1686414114295045,"flow_dst_last_pkt_time":1686414114295045,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686414114295045,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.145.180.58","src_port":49951,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":378,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":370,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686413757609123,"flow_src_last_pkt_time":1686413757609123,"flow_dst_last_pkt_time":1686413757609123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686414114295045,"l3_proto":"ip4","src_ip":"45.131.161.152","dst_ip":"186.112.202.53","src_port":49844,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":378,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":378,"packets-processed":377,"total-skipped-flows":0,"total-l4-payload-len":19464,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":371,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":371,"total-idle-flows":370,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1795,"global_ts_usec":1686414638495400} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":378,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":372,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686414638495400,"flow_src_last_pkt_time":1686414638495400,"flow_dst_last_pkt_time":1686414638495400,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686414638495400,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"85.111.52.57","src_port":42561,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":378,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":372,"flow_packet_id":1,"flow_src_last_pkt_time":1686414638495400,"flow_dst_last_pkt_time":1686414638495400,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686414638495400,"pkt":"moT+\/Ph8PJTVQTiBCABFAAB+1DEAAO8RDcy4tKjwVW80OaZBAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":378,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":372,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686414638495400,"flow_src_last_pkt_time":1686414638495400,"flow_dst_last_pkt_time":1686414638495400,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686414638495400,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"85.111.52.57","src_port":42561,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":379,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":371,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686414114295045,"flow_src_last_pkt_time":1686414114295045,"flow_dst_last_pkt_time":1686414114295045,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686414638495400,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.145.180.58","src_port":49951,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":379,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":373,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686415196829472,"flow_src_last_pkt_time":1686415196829472,"flow_dst_last_pkt_time":1686415196829472,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686415196829472,"l3_proto":"ip4","src_ip":"210.124.156.149","dst_ip":"165.144.84.62","src_port":41895,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":379,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":373,"flow_packet_id":1,"flow_src_last_pkt_time":1686415196829472,"flow_dst_last_pkt_time":1686415196829472,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686415196829472,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAOsRrB3SfJyVpZBUPqOnAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":379,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":373,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686415196829472,"flow_src_last_pkt_time":1686415196829472,"flow_dst_last_pkt_time":1686415196829472,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686415196829472,"l3_proto":"ip4","src_ip":"210.124.156.149","dst_ip":"165.144.84.62","src_port":41895,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":380,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":372,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686414638495400,"flow_src_last_pkt_time":1686414638495400,"flow_dst_last_pkt_time":1686414638495400,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686415196829472,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"85.111.52.57","src_port":42561,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":380,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":380,"packets-processed":379,"total-skipped-flows":0,"total-l4-payload-len":19660,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":373,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":373,"total-idle-flows":372,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1804,"global_ts_usec":1686418497785828} +00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":380,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":374,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686418497785828,"flow_src_last_pkt_time":1686418497785828,"flow_dst_last_pkt_time":1686418497785828,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686418497785828,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.114.202.61","src_port":45313,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":380,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":374,"flow_packet_id":1,"flow_src_last_pkt_time":1686418497785828,"flow_dst_last_pkt_time":1686418497785828,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686418497785828,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAOsREf22tHiLpXLKPbEBAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":380,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":374,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686418497785828,"flow_src_last_pkt_time":1686418497785828,"flow_dst_last_pkt_time":1686418497785828,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686418497785828,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.114.202.61","src_port":45313,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":381,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":373,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686415196829472,"flow_src_last_pkt_time":1686415196829472,"flow_dst_last_pkt_time":1686415196829472,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686418497785828,"l3_proto":"ip4","src_ip":"210.124.156.149","dst_ip":"165.144.84.62","src_port":41895,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":381,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":375,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686418806265572,"flow_src_last_pkt_time":1686418806265572,"flow_dst_last_pkt_time":1686418806265572,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686418806265572,"l3_proto":"ip4","src_ip":"208.123.176.154","dst_ip":"90.141.37.56","src_port":58457,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":381,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":375,"flow_packet_id":1,"flow_src_last_pkt_time":1686418806265572,"flow_dst_last_pkt_time":1686418806265572,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686418806265572,"pkt":"3jHC4dyOPJTVQTiBCABFCAB+1DEAAOsRrCfQe7CaWo0lOORZAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":381,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":375,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686418806265572,"flow_src_last_pkt_time":1686418806265572,"flow_dst_last_pkt_time":1686418806265572,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686418806265572,"l3_proto":"ip4","src_ip":"208.123.176.154","dst_ip":"90.141.37.56","src_port":58457,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":374,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686418497785828,"flow_src_last_pkt_time":1686418497785828,"flow_dst_last_pkt_time":1686418497785828,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686418806265572,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.114.202.61","src_port":45313,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":382,"packets-processed":381,"total-skipped-flows":0,"total-l4-payload-len":19856,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":375,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":375,"total-idle-flows":374,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1813,"global_ts_usec":1686419691124244} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":376,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686419691124244,"flow_src_last_pkt_time":1686419691124244,"flow_dst_last_pkt_time":1686419691124244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686419691124244,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"85.111.52.57","src_port":38445,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":376,"flow_packet_id":1,"flow_src_last_pkt_time":1686419691124244,"flow_dst_last_pkt_time":1686419691124244,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686419691124244,"pkt":"moT+\/Ph8PJTVQTiBCABFCABLEswAACQRsZcbhqncVW80OZYtAasAN4dQAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":376,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686419691124244,"flow_src_last_pkt_time":1686419691124244,"flow_dst_last_pkt_time":1686419691124244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686419691124244,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"85.111.52.57","src_port":38445,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":383,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":375,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686418806265572,"flow_src_last_pkt_time":1686418806265572,"flow_dst_last_pkt_time":1686418806265572,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686419691124244,"l3_proto":"ip4","src_ip":"208.123.176.154","dst_ip":"90.141.37.56","src_port":58457,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":383,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":377,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686420033978573,"flow_src_last_pkt_time":1686420033978573,"flow_dst_last_pkt_time":1686420033978573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686420033978573,"l3_proto":"ip4","src_ip":"239.100.141.153","dst_ip":"74.111.203.55","src_port":47597,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":383,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":377,"flow_packet_id":1,"flow_src_last_pkt_time":1686420033978573,"flow_dst_last_pkt_time":1686420033978573,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686420033978573,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAPMRpTTvZI2ZSm\/LN7ntAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":383,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":377,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686420033978573,"flow_src_last_pkt_time":1686420033978573,"flow_dst_last_pkt_time":1686420033978573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686420033978573,"l3_proto":"ip4","src_ip":"239.100.141.153","dst_ip":"74.111.203.55","src_port":47597,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":376,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686419691124244,"flow_src_last_pkt_time":1686419691124244,"flow_dst_last_pkt_time":1686419691124244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686420033978573,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"85.111.52.57","src_port":38445,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":384,"packets-processed":383,"total-skipped-flows":0,"total-l4-payload-len":20001,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":377,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":377,"total-idle-flows":376,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1822,"global_ts_usec":1686427429600756} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":378,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686427429600756,"flow_src_last_pkt_time":1686427429600756,"flow_dst_last_pkt_time":1686427429600756,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686427429600756,"l3_proto":"ip4","src_ip":"157.121.130.117","dst_ip":"165.144.84.62","src_port":7470,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":378,"flow_packet_id":1,"flow_src_last_pkt_time":1686427429600756,"flow_dst_last_pkt_time":1686427429600756,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686427429600756,"pkt":"AAwp30Y4PJTVQTiBCABFAABLrRoAACYRJv+deYJ1pZBUPh0uAasANxH+AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":378,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686427429600756,"flow_src_last_pkt_time":1686427429600756,"flow_dst_last_pkt_time":1686427429600756,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686427429600756,"l3_proto":"ip4","src_ip":"157.121.130.117","dst_ip":"165.144.84.62","src_port":7470,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":377,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686420033978573,"flow_src_last_pkt_time":1686420033978573,"flow_dst_last_pkt_time":1686420033978573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686427429600756,"l3_proto":"ip4","src_ip":"239.100.141.153","dst_ip":"74.111.203.55","src_port":47597,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":385,"packets-processed":384,"total-skipped-flows":0,"total-l4-payload-len":20048,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":378,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":378,"total-idle-flows":377,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1827,"global_ts_usec":1686431866256173} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":379,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686431866256173,"flow_src_last_pkt_time":1686431866256173,"flow_dst_last_pkt_time":1686431866256173,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686431866256173,"l3_proto":"ip4","src_ip":"36.231.109.217","dst_ip":"90.111.212.50","src_port":49319,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":379,"flow_packet_id":1,"flow_src_last_pkt_time":1686431866256173,"flow_dst_last_pkt_time":1686431866256173,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686431866256173,"pkt":"AAwp30Y4PJTVQTiBCABFCABLx8kAACQR\/KIk523ZWm\/UMsCnAasAN1zfAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":379,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686431866256173,"flow_src_last_pkt_time":1686431866256173,"flow_dst_last_pkt_time":1686431866256173,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686431866256173,"l3_proto":"ip4","src_ip":"36.231.109.217","dst_ip":"90.111.212.50","src_port":49319,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":378,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686427429600756,"flow_src_last_pkt_time":1686427429600756,"flow_dst_last_pkt_time":1686427429600756,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686431866256173,"l3_proto":"ip4","src_ip":"157.121.130.117","dst_ip":"165.144.84.62","src_port":7470,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":386,"packets-processed":385,"total-skipped-flows":0,"total-l4-payload-len":20095,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":379,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":379,"total-idle-flows":378,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1832,"global_ts_usec":1686435052414223} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":380,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686435052414223,"flow_src_last_pkt_time":1686435052414223,"flow_dst_last_pkt_time":1686435052414223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686435052414223,"l3_proto":"ip4","src_ip":"209.44.167.7","dst_ip":"90.111.212.50","src_port":53096,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":380,"flow_packet_id":1,"flow_src_last_pkt_time":1686435052414223,"flow_dst_last_pkt_time":1686435052414223,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686435052414223,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRX1HRLKcHWm\/UMs9oAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":380,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686435052414223,"flow_src_last_pkt_time":1686435052414223,"flow_dst_last_pkt_time":1686435052414223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686435052414223,"l3_proto":"ip4","src_ip":"209.44.167.7","dst_ip":"90.111.212.50","src_port":53096,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":387,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":379,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686431866256173,"flow_src_last_pkt_time":1686431866256173,"flow_dst_last_pkt_time":1686431866256173,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686435052414223,"l3_proto":"ip4","src_ip":"36.231.109.217","dst_ip":"90.111.212.50","src_port":49319,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":387,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":381,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686435200937981,"flow_src_last_pkt_time":1686435200937981,"flow_dst_last_pkt_time":1686435200937981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686435200937981,"l3_proto":"ip4","src_ip":"99.199.77.211","dst_ip":"165.144.84.62","src_port":45829,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":387,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":381,"flow_packet_id":1,"flow_src_last_pkt_time":1686435200937981,"flow_dst_last_pkt_time":1686435200937981,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686435200937981,"pkt":"AAwp30Y4PJTVQTiBCABFCABLhnIAACQRPfdjx03TpZBUPrMFAasAN2p+AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":387,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":381,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686435200937981,"flow_src_last_pkt_time":1686435200937981,"flow_dst_last_pkt_time":1686435200937981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686435200937981,"l3_proto":"ip4","src_ip":"99.199.77.211","dst_ip":"165.144.84.62","src_port":45829,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":388,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":380,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686435052414223,"flow_src_last_pkt_time":1686435052414223,"flow_dst_last_pkt_time":1686435052414223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686435200937981,"l3_proto":"ip4","src_ip":"209.44.167.7","dst_ip":"90.111.212.50","src_port":53096,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":388,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":388,"packets-processed":387,"total-skipped-flows":0,"total-l4-payload-len":20171,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":381,"total-detection-updates":0,"total-updates":61,"current-active-flows":2,"total-active-flows":381,"total-idle-flows":379,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1841,"global_ts_usec":1686438148010499} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":388,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":382,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438148010499,"flow_src_last_pkt_time":1686438148010499,"flow_dst_last_pkt_time":1686438148010499,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438148010499,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"85.111.52.57","src_port":44733,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":388,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":382,"flow_packet_id":1,"flow_src_last_pkt_time":1686438148010499,"flow_dst_last_pkt_time":1686438148010499,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686438148010499,"pkt":"moT+\/Ph8PJTVQTiBCABFCABSAABAAOsRy+HXMP3JVW80Oa69AasAPg9AAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":388,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":382,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438148010499,"flow_src_last_pkt_time":1686438148010499,"flow_dst_last_pkt_time":1686438148010499,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438148010499,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"85.111.52.57","src_port":44733,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":389,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":381,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686435200937981,"flow_src_last_pkt_time":1686435200937981,"flow_dst_last_pkt_time":1686435200937981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438148010499,"l3_proto":"ip4","src_ip":"99.199.77.211","dst_ip":"165.144.84.62","src_port":45829,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":389,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":380,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686435052414223,"flow_src_last_pkt_time":1686435052414223,"flow_dst_last_pkt_time":1686435052414223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438148010499,"l3_proto":"ip4","src_ip":"209.44.167.7","dst_ip":"90.111.212.50","src_port":53096,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":389,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":383,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438176818955,"flow_src_last_pkt_time":1686438176818955,"flow_dst_last_pkt_time":1686438176818955,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438176818955,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"74.111.203.55","src_port":56846,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":389,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":383,"flow_packet_id":1,"flow_src_last_pkt_time":1686438176818955,"flow_dst_last_pkt_time":1686438176818955,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686438176818955,"pkt":"ipffLU2SPJTVQTiBCABFCABSAABAAOsRy+bXMP3JSm\/LN94OAasAPt\/zAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":389,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":383,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438176818955,"flow_src_last_pkt_time":1686438176818955,"flow_dst_last_pkt_time":1686438176818955,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438176818955,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"74.111.203.55","src_port":56846,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":390,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":384,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438209212158,"flow_src_last_pkt_time":1686438209212158,"flow_dst_last_pkt_time":1686438209212158,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438209212158,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.141.37.56","src_port":50630,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":390,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":384,"flow_packet_id":1,"flow_src_last_pkt_time":1686438209212158,"flow_dst_last_pkt_time":1686438209212158,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686438209212158,"pkt":"3jHC4dyOPJTVQTiBCABFCABSAABAAOwRyuLXMP3JWo0lOMXGAasAPvg3AgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":390,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":384,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438209212158,"flow_src_last_pkt_time":1686438209212158,"flow_dst_last_pkt_time":1686438209212158,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438209212158,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.141.37.56","src_port":50630,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":391,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":382,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438148010499,"flow_src_last_pkt_time":1686438148010499,"flow_dst_last_pkt_time":1686438148010499,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438209212158,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"85.111.52.57","src_port":44733,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":391,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":385,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438220823551,"flow_src_last_pkt_time":1686438220823551,"flow_dst_last_pkt_time":1686438220823551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438220823551,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.147.171.51","src_port":42457,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":391,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":385,"flow_packet_id":1,"flow_src_last_pkt_time":1686438220823551,"flow_dst_last_pkt_time":1686438220823551,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686438220823551,"pkt":"AAwp30Y4PJTVQTiBCABFCABSAABAAOwRyujXMP3JWpOrM6XZAasAPhgrAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":391,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":385,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438220823551,"flow_src_last_pkt_time":1686438220823551,"flow_dst_last_pkt_time":1686438220823551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438220823551,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.147.171.51","src_port":42457,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":392,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":386,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438242164681,"flow_src_last_pkt_time":1686438242164681,"flow_dst_last_pkt_time":1686438242164681,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438242164681,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"69.109.187.54","src_port":39194,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":392,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":386,"flow_packet_id":1,"flow_src_last_pkt_time":1686438242164681,"flow_dst_last_pkt_time":1686438242164681,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686438242164681,"pkt":"bpHurUgdPJTVQTiBCABFCABSAABAAOsRy+XXMP3JRW27NpkaAasAPiTnAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":392,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":386,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438242164681,"flow_src_last_pkt_time":1686438242164681,"flow_dst_last_pkt_time":1686438242164681,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438242164681,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"69.109.187.54","src_port":39194,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":393,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":387,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438242172290,"flow_src_last_pkt_time":1686438242172290,"flow_dst_last_pkt_time":1686438242172290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438242172290,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.145.180.58","src_port":46653,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":393,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":387,"flow_packet_id":1,"flow_src_last_pkt_time":1686438242172290,"flow_dst_last_pkt_time":1686438242172290,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686438242172290,"pkt":"bs1PogZtPJTVQTiBCABFCABSAABAAOwRyt\/XMP3JWpG0OrY9AasAPge+AgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":393,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":387,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438242172290,"flow_src_last_pkt_time":1686438242172290,"flow_dst_last_pkt_time":1686438242172290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438242172290,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.145.180.58","src_port":46653,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":394,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":383,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438176818955,"flow_src_last_pkt_time":1686438176818955,"flow_dst_last_pkt_time":1686438176818955,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438242172290,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"74.111.203.55","src_port":56846,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":394,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":388,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438260748204,"flow_src_last_pkt_time":1686438260748204,"flow_dst_last_pkt_time":1686438260748204,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438260748204,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"165.144.84.62","src_port":44352,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":394,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":388,"flow_packet_id":1,"flow_src_last_pkt_time":1686438260748204,"flow_dst_last_pkt_time":1686438260748204,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686438260748204,"pkt":"AAwp30Y4PJTVQTiBCABFCABSAABAAOsRy93XMP3JpZBUPq1AAasAPhC5AgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":394,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":388,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438260748204,"flow_src_last_pkt_time":1686438260748204,"flow_dst_last_pkt_time":1686438260748204,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438260748204,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"165.144.84.62","src_port":44352,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":395,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":382,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438148010499,"flow_src_last_pkt_time":1686438148010499,"flow_dst_last_pkt_time":1686438148010499,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438260748204,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"85.111.52.57","src_port":44733,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":395,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":384,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438209212158,"flow_src_last_pkt_time":1686438209212158,"flow_dst_last_pkt_time":1686438209212158,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438260748204,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.141.37.56","src_port":50630,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":395,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":389,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438308618262,"flow_src_last_pkt_time":1686438308618262,"flow_dst_last_pkt_time":1686438308618262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438308618262,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"165.114.202.61","src_port":53506,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":395,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":389,"flow_packet_id":1,"flow_src_last_pkt_time":1686438308618262,"flow_dst_last_pkt_time":1686438308618262,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686438308618262,"pkt":"AAwp30Y4PJTVQTiBCABFCABSAABAAOsRy9zXMP3JpXLKPdECAasAPuz1AgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":395,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":389,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438308618262,"flow_src_last_pkt_time":1686438308618262,"flow_dst_last_pkt_time":1686438308618262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438308618262,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"165.114.202.61","src_port":53506,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":388,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438260748204,"flow_src_last_pkt_time":1686438260748204,"flow_dst_last_pkt_time":1686438260748204,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438308618262,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"165.144.84.62","src_port":44352,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":382,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438148010499,"flow_src_last_pkt_time":1686438148010499,"flow_dst_last_pkt_time":1686438148010499,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438308618262,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"85.111.52.57","src_port":44733,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":386,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438242164681,"flow_src_last_pkt_time":1686438242164681,"flow_dst_last_pkt_time":1686438242164681,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438308618262,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"69.109.187.54","src_port":39194,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":387,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438242172290,"flow_src_last_pkt_time":1686438242172290,"flow_dst_last_pkt_time":1686438242172290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438308618262,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.145.180.58","src_port":46653,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":385,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438220823551,"flow_src_last_pkt_time":1686438220823551,"flow_dst_last_pkt_time":1686438220823551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438308618262,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.147.171.51","src_port":42457,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":384,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438209212158,"flow_src_last_pkt_time":1686438209212158,"flow_dst_last_pkt_time":1686438209212158,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438308618262,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.141.37.56","src_port":50630,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":383,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438176818955,"flow_src_last_pkt_time":1686438176818955,"flow_dst_last_pkt_time":1686438176818955,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438308618262,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"74.111.203.55","src_port":56846,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":390,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438369437015,"flow_src_last_pkt_time":1686438369437015,"flow_dst_last_pkt_time":1686438369437015,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438369437015,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"186.112.202.53","src_port":49672,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":390,"flow_packet_id":1,"flow_src_last_pkt_time":1686438369437015,"flow_dst_last_pkt_time":1686438369437015,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686438369437015,"pkt":"xmjqc4OdPJTVQTiBCABFCABSAABAAOsRy+TXMP3JunDKNcIIAasAPvv3AgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":390,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438369437015,"flow_src_last_pkt_time":1686438369437015,"flow_dst_last_pkt_time":1686438369437015,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438369437015,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"186.112.202.53","src_port":49672,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":382,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438148010499,"flow_src_last_pkt_time":1686438148010499,"flow_dst_last_pkt_time":1686438148010499,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438369437015,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"85.111.52.57","src_port":44733,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":383,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438176818955,"flow_src_last_pkt_time":1686438176818955,"flow_dst_last_pkt_time":1686438176818955,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438369437015,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"74.111.203.55","src_port":56846,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":388,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438260748204,"flow_src_last_pkt_time":1686438260748204,"flow_dst_last_pkt_time":1686438260748204,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438369437015,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"165.144.84.62","src_port":44352,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":386,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438242164681,"flow_src_last_pkt_time":1686438242164681,"flow_dst_last_pkt_time":1686438242164681,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438369437015,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"69.109.187.54","src_port":39194,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":387,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438242172290,"flow_src_last_pkt_time":1686438242172290,"flow_dst_last_pkt_time":1686438242172290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438369437015,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.145.180.58","src_port":46653,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":385,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438220823551,"flow_src_last_pkt_time":1686438220823551,"flow_dst_last_pkt_time":1686438220823551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438369437015,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.147.171.51","src_port":42457,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":384,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438209212158,"flow_src_last_pkt_time":1686438209212158,"flow_dst_last_pkt_time":1686438209212158,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438369437015,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.141.37.56","src_port":50630,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01114{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":389,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438308618262,"flow_src_last_pkt_time":1686438308618262,"flow_dst_last_pkt_time":1686438308618262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438369437015,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"165.114.202.61","src_port":53506,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":397,"packets-processed":396,"total-skipped-flows":0,"total-l4-payload-len":20657,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":390,"total-detection-updates":0,"total-updates":78,"current-active-flows":7,"total-active-flows":390,"total-idle-flows":383,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1890,"global_ts_usec":1686442660761538} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":391,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686442660761538,"flow_src_last_pkt_time":1686442660761538,"flow_dst_last_pkt_time":1686442660761538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686442660761538,"l3_proto":"ip4","src_ip":"44.242.231.77","dst_ip":"186.112.202.53","src_port":50261,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":391,"flow_packet_id":1,"flow_src_last_pkt_time":1686442660761538,"flow_dst_last_pkt_time":1686442660761538,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686442660761538,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPoRXpQs8udNunDKNcRVAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01076{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":391,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686442660761538,"flow_src_last_pkt_time":1686442660761538,"flow_dst_last_pkt_time":1686442660761538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686442660761538,"l3_proto":"ip4","src_ip":"44.242.231.77","dst_ip":"186.112.202.53","src_port":50261,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":388,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438260748204,"flow_src_last_pkt_time":1686438260748204,"flow_dst_last_pkt_time":1686438260748204,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686442660761538,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"165.144.84.62","src_port":44352,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":386,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438242164681,"flow_src_last_pkt_time":1686438242164681,"flow_dst_last_pkt_time":1686438242164681,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686442660761538,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"69.109.187.54","src_port":39194,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":387,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438242172290,"flow_src_last_pkt_time":1686438242172290,"flow_dst_last_pkt_time":1686438242172290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686442660761538,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.145.180.58","src_port":46653,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":385,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438220823551,"flow_src_last_pkt_time":1686438220823551,"flow_dst_last_pkt_time":1686438220823551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686442660761538,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.147.171.51","src_port":42457,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":390,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438369437015,"flow_src_last_pkt_time":1686438369437015,"flow_dst_last_pkt_time":1686438369437015,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686442660761538,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"186.112.202.53","src_port":49672,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":384,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438209212158,"flow_src_last_pkt_time":1686438209212158,"flow_dst_last_pkt_time":1686438209212158,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686442660761538,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.141.37.56","src_port":50630,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":389,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438308618262,"flow_src_last_pkt_time":1686438308618262,"flow_dst_last_pkt_time":1686438308618262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686442660761538,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"165.114.202.61","src_port":53506,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":392,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686443032934623,"flow_src_last_pkt_time":1686443032934623,"flow_dst_last_pkt_time":1686443032934623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686443032934623,"l3_proto":"ip4","src_ip":"37.234.100.32","dst_ip":"90.145.180.58","src_port":56813,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":392,"flow_packet_id":1,"flow_src_last_pkt_time":1686443032934623,"flow_dst_last_pkt_time":1686443032934623,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686443032934623,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPkRbWgl6mQgWpG0Ot3tAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":392,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686443032934623,"flow_src_last_pkt_time":1686443032934623,"flow_dst_last_pkt_time":1686443032934623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686443032934623,"l3_proto":"ip4","src_ip":"37.234.100.32","dst_ip":"90.145.180.58","src_port":56813,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":391,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686442660761538,"flow_src_last_pkt_time":1686442660761538,"flow_dst_last_pkt_time":1686442660761538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686443032934623,"l3_proto":"ip4","src_ip":"44.242.231.77","dst_ip":"186.112.202.53","src_port":50261,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":399,"packets-processed":398,"total-skipped-flows":0,"total-l4-payload-len":20715,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":392,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":392,"total-idle-flows":391,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1905,"global_ts_usec":1686443411193185} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":393,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686443411193185,"flow_src_last_pkt_time":1686443411193185,"flow_dst_last_pkt_time":1686443411193185,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686443411193185,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.141.37.56","src_port":44054,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":393,"flow_packet_id":1,"flow_src_last_pkt_time":1686443411193185,"flow_dst_last_pkt_time":1686443411193185,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686443411193185,"pkt":"3jHC4dyOPJTVQTiBCABFCABLjXwAACQRNugbhqncWo0lOKwWAasAN3FoAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":393,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686443411193185,"flow_src_last_pkt_time":1686443411193185,"flow_dst_last_pkt_time":1686443411193185,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686443411193185,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.141.37.56","src_port":44054,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":392,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686443032934623,"flow_src_last_pkt_time":1686443032934623,"flow_dst_last_pkt_time":1686443032934623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686443411193185,"l3_proto":"ip4","src_ip":"37.234.100.32","dst_ip":"90.145.180.58","src_port":56813,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":400,"packets-processed":399,"total-skipped-flows":0,"total-l4-payload-len":20762,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":393,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":393,"total-idle-flows":392,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1910,"global_ts_usec":1686448122797857} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":394,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686448122797857,"flow_src_last_pkt_time":1686448122797857,"flow_dst_last_pkt_time":1686448122797857,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686448122797857,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"74.111.203.55","src_port":46249,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":394,"flow_packet_id":1,"flow_src_last_pkt_time":1686448122797857,"flow_dst_last_pkt_time":1686448122797857,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686448122797857,"pkt":"ipffLU2SPJTVQTiBCABFCABSQJAAAGsR1glDnxCWSm\/LN7SpAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":394,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686448122797857,"flow_src_last_pkt_time":1686448122797857,"flow_dst_last_pkt_time":1686448122797857,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686448122797857,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"74.111.203.55","src_port":46249,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":393,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686443411193185,"flow_src_last_pkt_time":1686443411193185,"flow_dst_last_pkt_time":1686443411193185,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686448122797857,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.141.37.56","src_port":44054,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":401,"packets-processed":400,"total-skipped-flows":0,"total-l4-payload-len":20816,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":394,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":394,"total-idle-flows":393,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1915,"global_ts_usec":1686453545484404} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":395,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686453545484404,"flow_src_last_pkt_time":1686453545484404,"flow_dst_last_pkt_time":1686453545484404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686453545484404,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"74.111.203.55","src_port":64251,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":395,"flow_packet_id":1,"flow_src_last_pkt_time":1686453545484404,"flow_dst_last_pkt_time":1686453545484404,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686453545484404,"pkt":"ipffLU2SPJTVQTiBCABFCABLA5wAACQRwMwbhqncSm\/LN\/r7AasANyKHAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":395,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686453545484404,"flow_src_last_pkt_time":1686453545484404,"flow_dst_last_pkt_time":1686453545484404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686453545484404,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"74.111.203.55","src_port":64251,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":402,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":394,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686448122797857,"flow_src_last_pkt_time":1686448122797857,"flow_dst_last_pkt_time":1686448122797857,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686453545484404,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"74.111.203.55","src_port":46249,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":402,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":396,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686454040614924,"flow_src_last_pkt_time":1686454040614924,"flow_dst_last_pkt_time":1686454040614924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686454040614924,"l3_proto":"ip4","src_ip":"88.71.42.58","dst_ip":"165.144.84.62","src_port":15464,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":402,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":396,"flow_packet_id":1,"flow_src_last_pkt_time":1686454040614924,"flow_dst_last_pkt_time":1686454040614924,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686454040614924,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+VZxAADMRS4lYRyo6pZBUPjxoAasAKox5AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":402,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":396,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686454040614924,"flow_src_last_pkt_time":1686454040614924,"flow_dst_last_pkt_time":1686454040614924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686454040614924,"l3_proto":"ip4","src_ip":"88.71.42.58","dst_ip":"165.144.84.62","src_port":15464,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":395,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686453545484404,"flow_src_last_pkt_time":1686453545484404,"flow_dst_last_pkt_time":1686453545484404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686454040614924,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"74.111.203.55","src_port":64251,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":403,"packets-processed":402,"total-skipped-flows":0,"total-l4-payload-len":20897,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":396,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":396,"total-idle-flows":395,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1924,"global_ts_usec":1686454835524989} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":397,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686454835524989,"flow_src_last_pkt_time":1686454835524989,"flow_dst_last_pkt_time":1686454835524989,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686454835524989,"l3_proto":"ip4","src_ip":"191.62.219.57","dst_ip":"186.112.202.53","src_port":29227,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00560{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":397,"flow_packet_id":1,"flow_src_last_pkt_time":1686454835524989,"flow_dst_last_pkt_time":1686454835524989,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686454835524989,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+jJRAADMRFJq\/Pts5unDKNXIrAasAKla\/AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":397,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686454835524989,"flow_src_last_pkt_time":1686454835524989,"flow_dst_last_pkt_time":1686454835524989,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686454835524989,"l3_proto":"ip4","src_ip":"191.62.219.57","dst_ip":"186.112.202.53","src_port":29227,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":404,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":396,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686454040614924,"flow_src_last_pkt_time":1686454040614924,"flow_dst_last_pkt_time":1686454040614924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686454835524989,"l3_proto":"ip4","src_ip":"88.71.42.58","dst_ip":"165.144.84.62","src_port":15464,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":404,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":398,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686455045546385,"flow_src_last_pkt_time":1686455045546385,"flow_dst_last_pkt_time":1686455045546385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686455045546385,"l3_proto":"ip4","src_ip":"190.71.42.54","dst_ip":"69.109.187.54","src_port":47364,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":404,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":398,"flow_packet_id":1,"flow_src_last_pkt_time":1686455045546385,"flow_dst_last_pkt_time":1686455045546385,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686455045546385,"pkt":"bpHurUgdPJTVQTiBCABFAAA+lIxAADMRDKe+Ryo2RW27NrkEAasAKg\/rAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":404,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":398,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686455045546385,"flow_src_last_pkt_time":1686455045546385,"flow_dst_last_pkt_time":1686455045546385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686455045546385,"l3_proto":"ip4","src_ip":"190.71.42.54","dst_ip":"69.109.187.54","src_port":47364,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":405,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":397,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686454835524989,"flow_src_last_pkt_time":1686454835524989,"flow_dst_last_pkt_time":1686454835524989,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686455045546385,"l3_proto":"ip4","src_ip":"191.62.219.57","dst_ip":"186.112.202.53","src_port":29227,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":405,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":405,"packets-processed":404,"total-skipped-flows":0,"total-l4-payload-len":20965,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":398,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":398,"total-idle-flows":397,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1933,"global_ts_usec":1686455864946730} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":405,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":399,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686455864946730,"flow_src_last_pkt_time":1686455864946730,"flow_dst_last_pkt_time":1686455864946730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686455864946730,"l3_proto":"ip4","src_ip":"166.62.197.60","dst_ip":"165.114.202.61","src_port":35606,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":405,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":399,"flow_packet_id":1,"flow_src_last_pkt_time":1686455864946730,"flow_dst_last_pkt_time":1686455864946730,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686455864946730,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+EMNAADMRkF2mPsU8pXLKPYsWAasAKj3GAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":405,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":399,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686455864946730,"flow_src_last_pkt_time":1686455864946730,"flow_dst_last_pkt_time":1686455864946730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686455864946730,"l3_proto":"ip4","src_ip":"166.62.197.60","dst_ip":"165.114.202.61","src_port":35606,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":406,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":398,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686455045546385,"flow_src_last_pkt_time":1686455045546385,"flow_dst_last_pkt_time":1686455045546385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686455864946730,"l3_proto":"ip4","src_ip":"190.71.42.54","dst_ip":"69.109.187.54","src_port":47364,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":406,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":400,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686456361937981,"flow_src_last_pkt_time":1686456361937981,"flow_dst_last_pkt_time":1686456361937981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686456361937981,"l3_proto":"ip4","src_ip":"191.62.219.57","dst_ip":"90.111.212.50","src_port":18685,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00561{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":406,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":400,"flow_packet_id":1,"flow_src_last_pkt_time":1686456361937981,"flow_dst_last_pkt_time":1686456361937981,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686456361937981,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+GgRAADMRhy2\/Pts5Wm\/UMkj9AasAKn\/wAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":406,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":400,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686456361937981,"flow_src_last_pkt_time":1686456361937981,"flow_dst_last_pkt_time":1686456361937981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686456361937981,"l3_proto":"ip4","src_ip":"191.62.219.57","dst_ip":"90.111.212.50","src_port":18685,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":399,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686455864946730,"flow_src_last_pkt_time":1686455864946730,"flow_dst_last_pkt_time":1686455864946730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686456361937981,"l3_proto":"ip4","src_ip":"166.62.197.60","dst_ip":"165.114.202.61","src_port":35606,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":407,"packets-processed":406,"total-skipped-flows":0,"total-l4-payload-len":21033,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":400,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":400,"total-idle-flows":399,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1942,"global_ts_usec":1686456730972924} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":401,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686456730972924,"flow_src_last_pkt_time":1686456730972924,"flow_dst_last_pkt_time":1686456730972924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686456730972924,"l3_proto":"ip4","src_ip":"88.70.212.56","dst_ip":"85.111.52.57","src_port":65013,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":401,"flow_packet_id":1,"flow_src_last_pkt_time":1686456730972924,"flow_dst_last_pkt_time":1686456730972924,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686456730972924,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+jhRAADMRExhYRtQ4VW80Of31AasAKsryAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":401,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686456730972924,"flow_src_last_pkt_time":1686456730972924,"flow_dst_last_pkt_time":1686456730972924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686456730972924,"l3_proto":"ip4","src_ip":"88.70.212.56","dst_ip":"85.111.52.57","src_port":65013,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":408,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":400,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686456361937981,"flow_src_last_pkt_time":1686456361937981,"flow_dst_last_pkt_time":1686456361937981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686456730972924,"l3_proto":"ip4","src_ip":"191.62.219.57","dst_ip":"90.111.212.50","src_port":18685,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":408,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":402,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686456819293547,"flow_src_last_pkt_time":1686456819293547,"flow_dst_last_pkt_time":1686456819293547,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686456819293547,"l3_proto":"ip4","src_ip":"184.199.42.59","dst_ip":"90.141.37.56","src_port":42047,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":408,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":402,"flow_packet_id":1,"flow_src_last_pkt_time":1686456819293547,"flow_dst_last_pkt_time":1686456819293547,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686456819293547,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+SeZAADMRV0W4xyo7Wo0lOKQ\/AasAKiSoAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":408,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":402,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686456819293547,"flow_src_last_pkt_time":1686456819293547,"flow_dst_last_pkt_time":1686456819293547,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686456819293547,"l3_proto":"ip4","src_ip":"184.199.42.59","dst_ip":"90.141.37.56","src_port":42047,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":409,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":401,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686456730972924,"flow_src_last_pkt_time":1686456730972924,"flow_dst_last_pkt_time":1686456730972924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686456819293547,"l3_proto":"ip4","src_ip":"88.70.212.56","dst_ip":"85.111.52.57","src_port":65013,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":409,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":403,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686457196084311,"flow_src_last_pkt_time":1686457196084311,"flow_dst_last_pkt_time":1686457196084311,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686457196084311,"l3_proto":"ip4","src_ip":"161.199.58.19","dst_ip":"90.147.171.51","src_port":64864,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":409,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":403,"flow_packet_id":1,"flow_src_last_pkt_time":1686457196084311,"flow_dst_last_pkt_time":1686457196084311,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686457196084311,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+cQFAADMRMCihxzoTWpOrM\/1gAasAKsuEAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":409,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":403,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686457196084311,"flow_src_last_pkt_time":1686457196084311,"flow_dst_last_pkt_time":1686457196084311,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686457196084311,"l3_proto":"ip4","src_ip":"161.199.58.19","dst_ip":"90.147.171.51","src_port":64864,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":410,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":402,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686456819293547,"flow_src_last_pkt_time":1686456819293547,"flow_dst_last_pkt_time":1686456819293547,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686457196084311,"l3_proto":"ip4","src_ip":"184.199.42.59","dst_ip":"90.141.37.56","src_port":42047,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":410,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":401,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686456730972924,"flow_src_last_pkt_time":1686456730972924,"flow_dst_last_pkt_time":1686456730972924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686457196084311,"l3_proto":"ip4","src_ip":"88.70.212.56","dst_ip":"85.111.52.57","src_port":65013,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":410,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":410,"packets-processed":409,"total-skipped-flows":0,"total-l4-payload-len":21135,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":403,"total-detection-updates":0,"total-updates":79,"current-active-flows":1,"total-active-flows":403,"total-idle-flows":402,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1956,"global_ts_usec":1686457611262806} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":410,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":404,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686457611262806,"flow_src_last_pkt_time":1686457611262806,"flow_dst_last_pkt_time":1686457611262806,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686457611262806,"l3_proto":"ip4","src_ip":"161.62.218.52","dst_ip":"74.111.203.55","src_port":37093,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":410,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":404,"flow_packet_id":1,"flow_src_last_pkt_time":1686457611262806,"flow_dst_last_pkt_time":1686457611262806,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686457611262806,"pkt":"ipffLU2SPJTVQTiBCABFAAA+elpAADMRJtihPto0Sm\/LN5DlAasAKjgJAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":410,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":404,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686457611262806,"flow_src_last_pkt_time":1686457611262806,"flow_dst_last_pkt_time":1686457611262806,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686457611262806,"l3_proto":"ip4","src_ip":"161.62.218.52","dst_ip":"74.111.203.55","src_port":37093,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":403,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686457196084311,"flow_src_last_pkt_time":1686457196084311,"flow_dst_last_pkt_time":1686457196084311,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686457611262806,"l3_proto":"ip4","src_ip":"161.199.58.19","dst_ip":"90.147.171.51","src_port":64864,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":411,"packets-processed":410,"total-skipped-flows":0,"total-l4-payload-len":21169,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":404,"total-detection-updates":0,"total-updates":79,"current-active-flows":1,"total-active-flows":404,"total-idle-flows":403,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1961,"global_ts_usec":1686459303680190} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":405,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686459303680190,"flow_src_last_pkt_time":1686459303680190,"flow_dst_last_pkt_time":1686459303680190,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686459303680190,"l3_proto":"ip4","src_ip":"194.43.223.106","dst_ip":"165.114.202.61","src_port":55142,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":405,"flow_packet_id":1,"flow_src_last_pkt_time":1686459303680190,"flow_dst_last_pkt_time":1686459303680190,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686459303680190,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbZLCK99qpXLKPddmAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":405,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686459303680190,"flow_src_last_pkt_time":1686459303680190,"flow_dst_last_pkt_time":1686459303680190,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686459303680190,"l3_proto":"ip4","src_ip":"194.43.223.106","dst_ip":"165.114.202.61","src_port":55142,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":404,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686457611262806,"flow_src_last_pkt_time":1686457611262806,"flow_dst_last_pkt_time":1686457611262806,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686459303680190,"l3_proto":"ip4","src_ip":"161.62.218.52","dst_ip":"74.111.203.55","src_port":37093,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":412,"packets-processed":411,"total-skipped-flows":0,"total-l4-payload-len":21198,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":405,"total-detection-updates":0,"total-updates":79,"current-active-flows":1,"total-active-flows":405,"total-idle-flows":404,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1966,"global_ts_usec":1686460297406877} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":406,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686460297406877,"flow_src_last_pkt_time":1686460297406877,"flow_dst_last_pkt_time":1686460297406877,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686460297406877,"l3_proto":"ip4","src_ip":"226.158.252.127","dst_ip":"85.111.52.57","src_port":33255,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":406,"flow_packet_id":1,"flow_src_last_pkt_time":1686460297406877,"flow_dst_last_pkt_time":1686460297406877,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686460297406877,"pkt":"moT+\/Ph8PJTVQTiBCABFAABL8BcAACYR5Ajinvx\/VW80OYHnAasAN61LAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":406,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686460297406877,"flow_src_last_pkt_time":1686460297406877,"flow_dst_last_pkt_time":1686460297406877,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686460297406877,"l3_proto":"ip4","src_ip":"226.158.252.127","dst_ip":"85.111.52.57","src_port":33255,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":413,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":405,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686459303680190,"flow_src_last_pkt_time":1686459303680190,"flow_dst_last_pkt_time":1686459303680190,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686460297406877,"l3_proto":"ip4","src_ip":"194.43.223.106","dst_ip":"165.114.202.61","src_port":55142,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":413,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":413,"packets-processed":412,"total-skipped-flows":0,"total-l4-payload-len":21245,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":406,"total-detection-updates":0,"total-updates":79,"current-active-flows":1,"total-active-flows":406,"total-idle-flows":405,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1971,"global_ts_usec":1686461245285022} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":413,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":407,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686461245285022,"flow_src_last_pkt_time":1686461245285022,"flow_dst_last_pkt_time":1686461245285022,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686461245285022,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":36149,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":413,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":407,"flow_packet_id":1,"flow_src_last_pkt_time":1686461245285022,"flow_dst_last_pkt_time":1686461245285022,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686461245285022,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPURKLnIH5CeunDKNY01AasAJV1CAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":413,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":407,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686461245285022,"flow_src_last_pkt_time":1686461245285022,"flow_dst_last_pkt_time":1686461245285022,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686461245285022,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":36149,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":406,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686460297406877,"flow_src_last_pkt_time":1686460297406877,"flow_dst_last_pkt_time":1686460297406877,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686461245285022,"l3_proto":"ip4","src_ip":"226.158.252.127","dst_ip":"85.111.52.57","src_port":33255,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":414,"packets-processed":413,"total-skipped-flows":0,"total-l4-payload-len":21274,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":407,"total-detection-updates":0,"total-updates":79,"current-active-flows":1,"total-active-flows":407,"total-idle-flows":406,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1976,"global_ts_usec":1686462756222356} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":408,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686462756222356,"flow_src_last_pkt_time":1686462756222356,"flow_dst_last_pkt_time":1686462756222356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686462756222356,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":45294,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":408,"flow_packet_id":1,"flow_src_last_pkt_time":1686462756222356,"flow_dst_last_pkt_time":1686462756222356,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686462756222356,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLHIH5CepXLKPbDuAasAJTmBAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":408,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686462756222356,"flow_src_last_pkt_time":1686462756222356,"flow_dst_last_pkt_time":1686462756222356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686462756222356,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":45294,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":415,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":407,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686461245285022,"flow_src_last_pkt_time":1686461245285022,"flow_dst_last_pkt_time":1686461245285022,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686462756222356,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":36149,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":415,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":409,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463066276572,"flow_src_last_pkt_time":1686463066276572,"flow_dst_last_pkt_time":1686463066276572,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463066276572,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":45056,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":415,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":409,"flow_packet_id":1,"flow_src_last_pkt_time":1686463066276572,"flow_dst_last_pkt_time":1686463066276572,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686463066276572,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPURKLTIH5CeWpG0OrAAAasAJTpyAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":415,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":409,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463066276572,"flow_src_last_pkt_time":1686463066276572,"flow_dst_last_pkt_time":1686463066276572,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463066276572,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":45056,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":416,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":408,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686462756222356,"flow_src_last_pkt_time":1686462756222356,"flow_dst_last_pkt_time":1686462756222356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463066276572,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":45294,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":416,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":410,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463232786177,"flow_src_last_pkt_time":1686463232786177,"flow_dst_last_pkt_time":1686463232786177,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463232786177,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"90.147.171.51","src_port":10968,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":416,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":410,"flow_packet_id":1,"flow_src_last_pkt_time":1686463232786177,"flow_dst_last_pkt_time":1686463232786177,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686463232786177,"pkt":"AAwp30Y4PJTVQTiBCABFAABLPb8AACYRlmBdZnxwWpOrMyrYAasANwRaAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":416,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":410,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463232786177,"flow_src_last_pkt_time":1686463232786177,"flow_dst_last_pkt_time":1686463232786177,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463232786177,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"90.147.171.51","src_port":10968,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":409,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463066276572,"flow_src_last_pkt_time":1686463066276572,"flow_dst_last_pkt_time":1686463066276572,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463232786177,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":45056,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":417,"packets-processed":416,"total-skipped-flows":0,"total-l4-payload-len":21379,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":410,"total-detection-updates":0,"total-updates":80,"current-active-flows":2,"total-active-flows":410,"total-idle-flows":408,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1989,"global_ts_usec":1686463744473624} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":411,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463744473624,"flow_src_last_pkt_time":1686463744473624,"flow_dst_last_pkt_time":1686463744473624,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463744473624,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":54431,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":411,"flow_packet_id":1,"flow_src_last_pkt_time":1686463744473624,"flow_dst_last_pkt_time":1686463744473624,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686463744473624,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPURKLfIH5CeWo0lONSfAasAJRXWAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":411,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463744473624,"flow_src_last_pkt_time":1686463744473624,"flow_dst_last_pkt_time":1686463744473624,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463744473624,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":54431,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":418,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":409,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463066276572,"flow_src_last_pkt_time":1686463066276572,"flow_dst_last_pkt_time":1686463066276572,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463744473624,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":45056,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":418,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":410,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463232786177,"flow_src_last_pkt_time":1686463232786177,"flow_dst_last_pkt_time":1686463232786177,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463744473624,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"90.147.171.51","src_port":10968,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":418,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":412,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463955005585,"flow_src_last_pkt_time":1686463955005585,"flow_dst_last_pkt_time":1686463955005585,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463955005585,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":59262,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":418,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":412,"flow_packet_id":1,"flow_src_last_pkt_time":1686463955005585,"flow_dst_last_pkt_time":1686463955005585,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686463955005585,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKL3IH5CeWpOrM+d+AasAJQL9AgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":418,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":412,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463955005585,"flow_src_last_pkt_time":1686463955005585,"flow_dst_last_pkt_time":1686463955005585,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463955005585,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":59262,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":419,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":411,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463744473624,"flow_src_last_pkt_time":1686463744473624,"flow_dst_last_pkt_time":1686463744473624,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463955005585,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":54431,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":419,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":413,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686464114985492,"flow_src_last_pkt_time":1686464114985492,"flow_dst_last_pkt_time":1686464114985492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686464114985492,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":51675,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":419,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":413,"flow_packet_id":1,"flow_src_last_pkt_time":1686464114985492,"flow_dst_last_pkt_time":1686464114985492,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686464114985492,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPURKLrIH5CeRW27NsnbAasAJSCdAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":419,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":413,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686464114985492,"flow_src_last_pkt_time":1686464114985492,"flow_dst_last_pkt_time":1686464114985492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686464114985492,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":51675,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":412,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463955005585,"flow_src_last_pkt_time":1686463955005585,"flow_dst_last_pkt_time":1686463955005585,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686464114985492,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":59262,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":420,"packets-processed":419,"total-skipped-flows":0,"total-l4-payload-len":21466,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":413,"total-detection-updates":0,"total-updates":81,"current-active-flows":2,"total-active-flows":413,"total-idle-flows":411,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2003,"global_ts_usec":1686465127922786} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":414,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686465127922786,"flow_src_last_pkt_time":1686465127922786,"flow_dst_last_pkt_time":1686465127922786,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686465127922786,"l3_proto":"ip4","src_ip":"174.237.64.176","dst_ip":"90.141.37.56","src_port":49218,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":414,"flow_packet_id":1,"flow_src_last_pkt_time":1686465127922786,"flow_dst_last_pkt_time":1686465127922786,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686465127922786,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPkRYA6u7UCwWo0lOMBCAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":414,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686465127922786,"flow_src_last_pkt_time":1686465127922786,"flow_dst_last_pkt_time":1686465127922786,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686465127922786,"l3_proto":"ip4","src_ip":"174.237.64.176","dst_ip":"90.141.37.56","src_port":49218,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":421,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":413,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686464114985492,"flow_src_last_pkt_time":1686464114985492,"flow_dst_last_pkt_time":1686464114985492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686465127922786,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":51675,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":421,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":412,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463955005585,"flow_src_last_pkt_time":1686463955005585,"flow_dst_last_pkt_time":1686463955005585,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686465127922786,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":59262,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":421,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":415,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686465406790123,"flow_src_last_pkt_time":1686465406790123,"flow_dst_last_pkt_time":1686465406790123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686465406790123,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":57345,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":421,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":415,"flow_packet_id":1,"flow_src_last_pkt_time":1686465406790123,"flow_dst_last_pkt_time":1686465406790123,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686465406790123,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLLIH5CepZBUPuABAasAJQpvAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":421,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":415,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686465406790123,"flow_src_last_pkt_time":1686465406790123,"flow_dst_last_pkt_time":1686465406790123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686465406790123,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":57345,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":422,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":414,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686465127922786,"flow_src_last_pkt_time":1686465127922786,"flow_dst_last_pkt_time":1686465127922786,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686465406790123,"l3_proto":"ip4","src_ip":"174.237.64.176","dst_ip":"90.141.37.56","src_port":49218,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":422,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":416,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686465448467764,"flow_src_last_pkt_time":1686465448467764,"flow_dst_last_pkt_time":1686465448467764,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686465448467764,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":57245,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":422,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":416,"flow_packet_id":1,"flow_src_last_pkt_time":1686465448467764,"flow_dst_last_pkt_time":1686465448467764,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686465448467764,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPURKLbIH5CeVW80Od+dAasAJQrXAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":422,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":416,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686465448467764,"flow_src_last_pkt_time":1686465448467764,"flow_dst_last_pkt_time":1686465448467764,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686465448467764,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":57245,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":423,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":423,"packets-processed":422,"total-skipped-flows":0,"total-l4-payload-len":21553,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":416,"total-detection-updates":0,"total-updates":81,"current-active-flows":2,"total-active-flows":416,"total-idle-flows":414,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2016,"global_ts_usec":1686466394503634} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":423,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":417,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686466394503634,"flow_src_last_pkt_time":1686466394503634,"flow_dst_last_pkt_time":1686466394503634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686466394503634,"l3_proto":"ip4","src_ip":"193.219.252.221","dst_ip":"90.147.171.51","src_port":51650,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":423,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":417,"flow_packet_id":1,"flow_src_last_pkt_time":1686466394503634,"flow_dst_last_pkt_time":1686466394503634,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686466394503634,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbcTB2\/zdWpOrM8nCAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":423,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":417,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686466394503634,"flow_src_last_pkt_time":1686466394503634,"flow_dst_last_pkt_time":1686466394503634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686466394503634,"l3_proto":"ip4","src_ip":"193.219.252.221","dst_ip":"90.147.171.51","src_port":51650,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":416,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686465448467764,"flow_src_last_pkt_time":1686465448467764,"flow_dst_last_pkt_time":1686465448467764,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686466394503634,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":57245,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":415,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686465406790123,"flow_src_last_pkt_time":1686465406790123,"flow_dst_last_pkt_time":1686465406790123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686466394503634,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":57345,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":424,"packets-processed":423,"total-skipped-flows":0,"total-l4-payload-len":21582,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":417,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":417,"total-idle-flows":416,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2022,"global_ts_usec":1686467393700733} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":418,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686467393700733,"flow_src_last_pkt_time":1686467393700733,"flow_dst_last_pkt_time":1686467393700733,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686467393700733,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":41180,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":418,"flow_packet_id":1,"flow_src_last_pkt_time":1686467393700733,"flow_dst_last_pkt_time":1686467393700733,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686467393700733,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPURKLvIH5CeSm\/LN6DcAasAJUmdAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":418,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686467393700733,"flow_src_last_pkt_time":1686467393700733,"flow_dst_last_pkt_time":1686467393700733,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686467393700733,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":41180,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":425,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":417,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686466394503634,"flow_src_last_pkt_time":1686466394503634,"flow_dst_last_pkt_time":1686466394503634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686467393700733,"l3_proto":"ip4","src_ip":"193.219.252.221","dst_ip":"90.147.171.51","src_port":51650,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":425,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":425,"packets-processed":424,"total-skipped-flows":0,"total-l4-payload-len":21611,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":418,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":418,"total-idle-flows":417,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2027,"global_ts_usec":1686469130125468} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":425,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":419,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686469130125468,"flow_src_last_pkt_time":1686469130125468,"flow_dst_last_pkt_time":1686469130125468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686469130125468,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":40785,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":425,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":419,"flow_packet_id":1,"flow_src_last_pkt_time":1686469130125468,"flow_dst_last_pkt_time":1686469130125468,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686469130125468,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLzIH5CeWm\/UMp9RAasAJUspAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":425,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":419,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686469130125468,"flow_src_last_pkt_time":1686469130125468,"flow_dst_last_pkt_time":1686469130125468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686469130125468,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":40785,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":426,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":418,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686467393700733,"flow_src_last_pkt_time":1686467393700733,"flow_dst_last_pkt_time":1686467393700733,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686469130125468,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":41180,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":426,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":426,"packets-processed":425,"total-skipped-flows":0,"total-l4-payload-len":21640,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":419,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":419,"total-idle-flows":418,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2032,"global_ts_usec":1686473127013443} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":426,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":420,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686473127013443,"flow_src_last_pkt_time":1686473127013443,"flow_dst_last_pkt_time":1686473127013443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686473127013443,"l3_proto":"ip4","src_ip":"174.18.32.224","dst_ip":"74.111.203.55","src_port":53272,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":426,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":420,"flow_packet_id":1,"flow_src_last_pkt_time":1686473127013443,"flow_dst_last_pkt_time":1686473127013443,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686473127013443,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPkRX\/muEiDgSm\/LN9AYAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":426,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":420,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686473127013443,"flow_src_last_pkt_time":1686473127013443,"flow_dst_last_pkt_time":1686473127013443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686473127013443,"l3_proto":"ip4","src_ip":"174.18.32.224","dst_ip":"74.111.203.55","src_port":53272,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":427,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":419,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686469130125468,"flow_src_last_pkt_time":1686469130125468,"flow_dst_last_pkt_time":1686469130125468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686473127013443,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":40785,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":427,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":421,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686473724125289,"flow_src_last_pkt_time":1686473724125289,"flow_dst_last_pkt_time":1686473724125289,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686473724125289,"l3_proto":"ip4","src_ip":"237.132.176.136","dst_ip":"69.109.187.54","src_port":59095,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":427,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":421,"flow_packet_id":1,"flow_src_last_pkt_time":1686473724125289,"flow_dst_last_pkt_time":1686473724125289,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686473724125289,"pkt":"bpHurUgdPJTVQTiBCABFCAB+1DEAAOsRrCDthLCIRW27NubXAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":427,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":421,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686473724125289,"flow_src_last_pkt_time":1686473724125289,"flow_dst_last_pkt_time":1686473724125289,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686473724125289,"l3_proto":"ip4","src_ip":"237.132.176.136","dst_ip":"69.109.187.54","src_port":59095,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":420,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686473127013443,"flow_src_last_pkt_time":1686473127013443,"flow_dst_last_pkt_time":1686473127013443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686473724125289,"l3_proto":"ip4","src_ip":"174.18.32.224","dst_ip":"74.111.203.55","src_port":53272,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":428,"packets-processed":427,"total-skipped-flows":0,"total-l4-payload-len":21767,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":421,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":421,"total-idle-flows":420,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2041,"global_ts_usec":1686474011529942} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":422,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686474011529942,"flow_src_last_pkt_time":1686474011529942,"flow_dst_last_pkt_time":1686474011529942,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686474011529942,"l3_proto":"ip4","src_ip":"37.36.31.210","dst_ip":"165.144.84.62","src_port":53791,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":422,"flow_packet_id":1,"flow_src_last_pkt_time":1686474011529942,"flow_dst_last_pkt_time":1686474011529942,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686474011529942,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbMMlJB\/SpZBUPtIfAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":422,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686474011529942,"flow_src_last_pkt_time":1686474011529942,"flow_dst_last_pkt_time":1686474011529942,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686474011529942,"l3_proto":"ip4","src_ip":"37.36.31.210","dst_ip":"165.144.84.62","src_port":53791,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":421,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686473724125289,"flow_src_last_pkt_time":1686473724125289,"flow_dst_last_pkt_time":1686473724125289,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686474011529942,"l3_proto":"ip4","src_ip":"237.132.176.136","dst_ip":"69.109.187.54","src_port":59095,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":429,"packets-processed":428,"total-skipped-flows":0,"total-l4-payload-len":21796,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":422,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":422,"total-idle-flows":421,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2046,"global_ts_usec":1686475183417032} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":423,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686475183417032,"flow_src_last_pkt_time":1686475183417032,"flow_dst_last_pkt_time":1686475183417032,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686475183417032,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"85.111.52.57","src_port":34976,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":423,"flow_packet_id":1,"flow_src_last_pkt_time":1686475183417032,"flow_dst_last_pkt_time":1686475183417032,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686475183417032,"pkt":"moT+\/Ph8PJTVQTiBCABFCABLWusAACIRb79b\/2t0VW80OYigAasAN5kkAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":423,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686475183417032,"flow_src_last_pkt_time":1686475183417032,"flow_dst_last_pkt_time":1686475183417032,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686475183417032,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"85.111.52.57","src_port":34976,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":430,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":422,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686474011529942,"flow_src_last_pkt_time":1686474011529942,"flow_dst_last_pkt_time":1686474011529942,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686475183417032,"l3_proto":"ip4","src_ip":"37.36.31.210","dst_ip":"165.144.84.62","src_port":53791,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":430,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":430,"packets-processed":429,"total-skipped-flows":0,"total-l4-payload-len":21843,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":423,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":423,"total-idle-flows":422,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2051,"global_ts_usec":1686475826792753} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":430,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":424,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686475826792753,"flow_src_last_pkt_time":1686475826792753,"flow_dst_last_pkt_time":1686475826792753,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686475826792753,"l3_proto":"ip4","src_ip":"47.51.0.222","dst_ip":"69.109.187.54","src_port":53190,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":430,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":424,"flow_packet_id":1,"flow_src_last_pkt_time":1686475826792753,"flow_dst_last_pkt_time":1686475826792753,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686475826792753,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPoRXtkvMwDeRW27Ns\/GAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":430,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":424,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686475826792753,"flow_src_last_pkt_time":1686475826792753,"flow_dst_last_pkt_time":1686475826792753,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686475826792753,"l3_proto":"ip4","src_ip":"47.51.0.222","dst_ip":"69.109.187.54","src_port":53190,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":431,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":423,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686475183417032,"flow_src_last_pkt_time":1686475183417032,"flow_dst_last_pkt_time":1686475183417032,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686475826792753,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"85.111.52.57","src_port":34976,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":431,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":431,"packets-processed":430,"total-skipped-flows":0,"total-l4-payload-len":21872,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":424,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":424,"total-idle-flows":423,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2056,"global_ts_usec":1686495926985957} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":431,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":425,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686495926985957,"flow_src_last_pkt_time":1686495926985957,"flow_dst_last_pkt_time":1686495926985957,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686495926985957,"l3_proto":"ip4","src_ip":"238.156.97.151","dst_ip":"74.111.203.55","src_port":35769,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":431,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":425,"flow_packet_id":1,"flow_src_last_pkt_time":1686495926985957,"flow_dst_last_pkt_time":1686495926985957,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686495926985957,"pkt":"ipffLU2SPJTVQTiBCABFCAB+1DEAAO0RqinunGGXSm\/LN4u5AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":431,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":425,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686495926985957,"flow_src_last_pkt_time":1686495926985957,"flow_dst_last_pkt_time":1686495926985957,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686495926985957,"l3_proto":"ip4","src_ip":"238.156.97.151","dst_ip":"74.111.203.55","src_port":35769,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":432,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":424,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686475826792753,"flow_src_last_pkt_time":1686475826792753,"flow_dst_last_pkt_time":1686475826792753,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686495926985957,"l3_proto":"ip4","src_ip":"47.51.0.222","dst_ip":"69.109.187.54","src_port":53190,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":432,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":426,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686496447196573,"flow_src_last_pkt_time":1686496447196573,"flow_dst_last_pkt_time":1686496447196573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686496447196573,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"85.111.52.57","src_port":33745,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":432,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":426,"flow_packet_id":1,"flow_src_last_pkt_time":1686496447196573,"flow_dst_last_pkt_time":1686496447196573,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686496447196573,"pkt":"moT+\/Ph8PJTVQTiBCABFCAB+1DEAAO0REAmGtJCVVW80OYPRAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":432,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":426,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686496447196573,"flow_src_last_pkt_time":1686496447196573,"flow_dst_last_pkt_time":1686496447196573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686496447196573,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"85.111.52.57","src_port":33745,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":433,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":425,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686495926985957,"flow_src_last_pkt_time":1686495926985957,"flow_dst_last_pkt_time":1686495926985957,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686496447196573,"l3_proto":"ip4","src_ip":"238.156.97.151","dst_ip":"74.111.203.55","src_port":35769,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":433,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":433,"packets-processed":432,"total-skipped-flows":0,"total-l4-payload-len":22068,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":426,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":426,"total-idle-flows":425,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2065,"global_ts_usec":1686497167515992} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":433,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":427,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686497167515992,"flow_src_last_pkt_time":1686497167515992,"flow_dst_last_pkt_time":1686497167515992,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686497167515992,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.147.171.51","src_port":37012,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":433,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":427,"flow_packet_id":1,"flow_src_last_pkt_time":1686497167515992,"flow_dst_last_pkt_time":1686497167515992,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686497167515992,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRCZf2S2hzWpOrM5CUAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":433,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":427,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686497167515992,"flow_src_last_pkt_time":1686497167515992,"flow_dst_last_pkt_time":1686497167515992,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686497167515992,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.147.171.51","src_port":37012,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":426,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686496447196573,"flow_src_last_pkt_time":1686496447196573,"flow_dst_last_pkt_time":1686496447196573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686497167515992,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"85.111.52.57","src_port":33745,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":434,"packets-processed":433,"total-skipped-flows":0,"total-l4-payload-len":22166,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":427,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":427,"total-idle-flows":426,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2070,"global_ts_usec":1686499664191010} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":428,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686499664191010,"flow_src_last_pkt_time":1686499664191010,"flow_dst_last_pkt_time":1686499664191010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686499664191010,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.114.202.61","src_port":54319,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":428,"flow_packet_id":1,"flow_src_last_pkt_time":1686499664191010,"flow_dst_last_pkt_time":1686499664191010,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686499664191010,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAO8RDcZGtG\/xpXLKPdQvAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":428,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686499664191010,"flow_src_last_pkt_time":1686499664191010,"flow_dst_last_pkt_time":1686499664191010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686499664191010,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.114.202.61","src_port":54319,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":427,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686497167515992,"flow_src_last_pkt_time":1686497167515992,"flow_dst_last_pkt_time":1686497167515992,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686499664191010,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.147.171.51","src_port":37012,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":435,"packets-processed":434,"total-skipped-flows":0,"total-l4-payload-len":22264,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":428,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":428,"total-idle-flows":427,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2075,"global_ts_usec":1686501344601870} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":429,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686501344601870,"flow_src_last_pkt_time":1686501344601870,"flow_dst_last_pkt_time":1686501344601870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686501344601870,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"90.111.212.50","src_port":59479,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":429,"flow_packet_id":1,"flow_src_last_pkt_time":1686501344601870,"flow_dst_last_pkt_time":1686501344601870,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686501344601870,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAO0RqjATY5KcWm\/UMuhXAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":429,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686501344601870,"flow_src_last_pkt_time":1686501344601870,"flow_dst_last_pkt_time":1686501344601870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686501344601870,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"90.111.212.50","src_port":59479,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":436,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":428,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686499664191010,"flow_src_last_pkt_time":1686499664191010,"flow_dst_last_pkt_time":1686499664191010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686501344601870,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.114.202.61","src_port":54319,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":436,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":430,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686501359797956,"flow_src_last_pkt_time":1686501359797956,"flow_dst_last_pkt_time":1686501359797956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686501359797956,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.145.180.58","src_port":46227,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":436,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":430,"flow_packet_id":1,"flow_src_last_pkt_time":1686501359797956,"flow_dst_last_pkt_time":1686501359797956,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686501359797956,"pkt":"bs1PogZtPJTVQTiBCABFAAB+1DEAAPMRCY72S2hzWpG0OrSTAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":436,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":430,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686501359797956,"flow_src_last_pkt_time":1686501359797956,"flow_dst_last_pkt_time":1686501359797956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686501359797956,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.145.180.58","src_port":46227,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":437,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":431,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686501844780096,"flow_src_last_pkt_time":1686501844780096,"flow_dst_last_pkt_time":1686501844780096,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686501844780096,"l3_proto":"ip4","src_ip":"227.7.178.223","dst_ip":"74.111.203.55","src_port":16085,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":437,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":431,"flow_packet_id":1,"flow_src_last_pkt_time":1686501844780096,"flow_dst_last_pkt_time":1686501844780096,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686501844780096,"pkt":"ipffLU2SPJTVQTiBCABFCABLP18AACQRhQbjB7LfSm\/LNz7VAasAN96qAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":437,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":431,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686501844780096,"flow_src_last_pkt_time":1686501844780096,"flow_dst_last_pkt_time":1686501844780096,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686501844780096,"l3_proto":"ip4","src_ip":"227.7.178.223","dst_ip":"74.111.203.55","src_port":16085,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":430,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686501359797956,"flow_src_last_pkt_time":1686501359797956,"flow_dst_last_pkt_time":1686501359797956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686501844780096,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.145.180.58","src_port":46227,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":429,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686501344601870,"flow_src_last_pkt_time":1686501344601870,"flow_dst_last_pkt_time":1686501344601870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686501844780096,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"90.111.212.50","src_port":59479,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":438,"packets-processed":437,"total-skipped-flows":0,"total-l4-payload-len":22507,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":431,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":431,"total-idle-flows":430,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2088,"global_ts_usec":1686503041221893} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":432,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686503041221893,"flow_src_last_pkt_time":1686503041221893,"flow_dst_last_pkt_time":1686503041221893,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686503041221893,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.141.37.56","src_port":37571,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":432,"flow_packet_id":1,"flow_src_last_pkt_time":1686503041221893,"flow_dst_last_pkt_time":1686503041221893,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686503041221893,"pkt":"3jHC4dyOPJTVQTiBCABFAAB+1DEAAPMRCZH2S2hzWo0lOJLDAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":432,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686503041221893,"flow_src_last_pkt_time":1686503041221893,"flow_dst_last_pkt_time":1686503041221893,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686503041221893,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.141.37.56","src_port":37571,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":439,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":431,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686501844780096,"flow_src_last_pkt_time":1686501844780096,"flow_dst_last_pkt_time":1686501844780096,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686503041221893,"l3_proto":"ip4","src_ip":"227.7.178.223","dst_ip":"74.111.203.55","src_port":16085,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":439,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":439,"packets-processed":438,"total-skipped-flows":0,"total-l4-payload-len":22605,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":432,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":432,"total-idle-flows":431,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2093,"global_ts_usec":1686503642111524} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":439,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":433,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686503642111524,"flow_src_last_pkt_time":1686503642111524,"flow_dst_last_pkt_time":1686503642111524,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686503642111524,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"69.109.187.54","src_port":52184,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":439,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":433,"flow_packet_id":1,"flow_src_last_pkt_time":1686503642111524,"flow_dst_last_pkt_time":1686503642111524,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686503642111524,"pkt":"bpHurUgdPJTVQTiBCABFAAB+1DEAAO8RDc9GtG\/xRW27NsvYAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":439,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":433,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686503642111524,"flow_src_last_pkt_time":1686503642111524,"flow_dst_last_pkt_time":1686503642111524,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686503642111524,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"69.109.187.54","src_port":52184,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":440,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":432,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686503041221893,"flow_src_last_pkt_time":1686503041221893,"flow_dst_last_pkt_time":1686503041221893,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686503642111524,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.141.37.56","src_port":37571,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":440,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":440,"packets-processed":439,"total-skipped-flows":0,"total-l4-payload-len":22703,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":433,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":433,"total-idle-flows":432,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2098,"global_ts_usec":1686504303052084} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":440,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":434,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686504303052084,"flow_src_last_pkt_time":1686504303052084,"flow_dst_last_pkt_time":1686504303052084,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686504303052084,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"165.144.84.62","src_port":40378,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":440,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":434,"flow_packet_id":1,"flow_src_last_pkt_time":1686504303052084,"flow_dst_last_pkt_time":1686504303052084,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686504303052084,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRCYz2S2hzpZBUPp26AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":440,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":434,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686504303052084,"flow_src_last_pkt_time":1686504303052084,"flow_dst_last_pkt_time":1686504303052084,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686504303052084,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"165.144.84.62","src_port":40378,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":441,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":433,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686503642111524,"flow_src_last_pkt_time":1686503642111524,"flow_dst_last_pkt_time":1686503642111524,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686504303052084,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"69.109.187.54","src_port":52184,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":441,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":441,"packets-processed":440,"total-skipped-flows":0,"total-l4-payload-len":22801,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":434,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":434,"total-idle-flows":433,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2103,"global_ts_usec":1686509878709062} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":441,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":435,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686509878709062,"flow_src_last_pkt_time":1686509878709062,"flow_dst_last_pkt_time":1686509878709062,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686509878709062,"l3_proto":"ip4","src_ip":"138.18.252.120","dst_ip":"165.114.202.61","src_port":11561,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":441,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":435,"flow_packet_id":1,"flow_src_last_pkt_time":1686509878709062,"flow_dst_last_pkt_time":1686509878709062,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686509878709062,"pkt":"AAwp30Y4PJTVQTiBCABFBABSCXBAACIRPHOKEvx4pXLKPS0pAasAPkHRAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":441,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":435,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686509878709062,"flow_src_last_pkt_time":1686509878709062,"flow_dst_last_pkt_time":1686509878709062,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686509878709062,"l3_proto":"ip4","src_ip":"138.18.252.120","dst_ip":"165.114.202.61","src_port":11561,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":442,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":434,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686504303052084,"flow_src_last_pkt_time":1686504303052084,"flow_dst_last_pkt_time":1686504303052084,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686509878709062,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"165.144.84.62","src_port":40378,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":442,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":442,"packets-processed":441,"total-skipped-flows":0,"total-l4-payload-len":22855,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":435,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":435,"total-idle-flows":434,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2108,"global_ts_usec":1686512676583485} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":442,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":436,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686512676583485,"flow_src_last_pkt_time":1686512676583485,"flow_dst_last_pkt_time":1686512676583485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686512676583485,"l3_proto":"ip4","src_ip":"219.160.101.209","dst_ip":"90.141.37.56","src_port":55022,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":442,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":436,"flow_packet_id":1,"flow_src_last_pkt_time":1686512676583485,"flow_dst_last_pkt_time":1686512676583485,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686512676583485,"pkt":"3jHC4dyOPJTVQTiBCABFCABLlmEAACQRLg7boGXRWo0lONbuAasAN0abAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":442,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":436,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686512676583485,"flow_src_last_pkt_time":1686512676583485,"flow_dst_last_pkt_time":1686512676583485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686512676583485,"l3_proto":"ip4","src_ip":"219.160.101.209","dst_ip":"90.141.37.56","src_port":55022,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":443,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":435,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686509878709062,"flow_src_last_pkt_time":1686509878709062,"flow_dst_last_pkt_time":1686509878709062,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686512676583485,"l3_proto":"ip4","src_ip":"138.18.252.120","dst_ip":"165.114.202.61","src_port":11561,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":443,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":443,"packets-processed":442,"total-skipped-flows":0,"total-l4-payload-len":22902,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":436,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":436,"total-idle-flows":435,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2113,"global_ts_usec":1686513474297518} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":443,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":437,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686513474297518,"flow_src_last_pkt_time":1686513474297518,"flow_dst_last_pkt_time":1686513474297518,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686513474297518,"l3_proto":"ip4","src_ip":"66.228.166.55","dst_ip":"69.109.187.54","src_port":51471,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":443,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":437,"flow_packet_id":1,"flow_src_last_pkt_time":1686513474297518,"flow_dst_last_pkt_time":1686513474297518,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686513474297518,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPkRbVpC5KY3RW27NskPAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":443,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":437,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686513474297518,"flow_src_last_pkt_time":1686513474297518,"flow_dst_last_pkt_time":1686513474297518,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686513474297518,"l3_proto":"ip4","src_ip":"66.228.166.55","dst_ip":"69.109.187.54","src_port":51471,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":444,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":436,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686512676583485,"flow_src_last_pkt_time":1686512676583485,"flow_dst_last_pkt_time":1686512676583485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686513474297518,"l3_proto":"ip4","src_ip":"219.160.101.209","dst_ip":"90.141.37.56","src_port":55022,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":444,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":444,"packets-processed":443,"total-skipped-flows":0,"total-l4-payload-len":22931,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":437,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":437,"total-idle-flows":436,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2118,"global_ts_usec":1686525113247519} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":444,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":438,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686525113247519,"flow_src_last_pkt_time":1686525113247519,"flow_dst_last_pkt_time":1686525113247519,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686525113247519,"l3_proto":"ip4","src_ip":"172.237.152.209","dst_ip":"90.147.171.51","src_port":53093,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":444,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":438,"flow_packet_id":1,"flow_src_last_pkt_time":1686525113247519,"flow_dst_last_pkt_time":1686525113247519,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686525113247519,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXums7ZjRWpOrM89lAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":444,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":438,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686525113247519,"flow_src_last_pkt_time":1686525113247519,"flow_dst_last_pkt_time":1686525113247519,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686525113247519,"l3_proto":"ip4","src_ip":"172.237.152.209","dst_ip":"90.147.171.51","src_port":53093,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":445,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":437,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686513474297518,"flow_src_last_pkt_time":1686513474297518,"flow_dst_last_pkt_time":1686513474297518,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686525113247519,"l3_proto":"ip4","src_ip":"66.228.166.55","dst_ip":"69.109.187.54","src_port":51471,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":445,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":445,"packets-processed":444,"total-skipped-flows":0,"total-l4-payload-len":22960,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":438,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":438,"total-idle-flows":437,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2123,"global_ts_usec":1686526077263977} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":445,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":439,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686526077263977,"flow_src_last_pkt_time":1686526077263977,"flow_dst_last_pkt_time":1686526077263977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686526077263977,"l3_proto":"ip4","src_ip":"82.19.88.220","dst_ip":"186.112.202.53","src_port":49990,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":445,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":439,"flow_packet_id":1,"flow_src_last_pkt_time":1686526077263977,"flow_dst_last_pkt_time":1686526077263977,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686526077263977,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRX9pSE1jcunDKNcNGAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":445,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":439,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686526077263977,"flow_src_last_pkt_time":1686526077263977,"flow_dst_last_pkt_time":1686526077263977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686526077263977,"l3_proto":"ip4","src_ip":"82.19.88.220","dst_ip":"186.112.202.53","src_port":49990,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":446,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":438,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686525113247519,"flow_src_last_pkt_time":1686525113247519,"flow_dst_last_pkt_time":1686525113247519,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686526077263977,"l3_proto":"ip4","src_ip":"172.237.152.209","dst_ip":"90.147.171.51","src_port":53093,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":446,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":446,"packets-processed":445,"total-skipped-flows":0,"total-l4-payload-len":22989,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":439,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":439,"total-idle-flows":438,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2128,"global_ts_usec":1686529340012662} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":446,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":440,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686529340012662,"flow_src_last_pkt_time":1686529340012662,"flow_dst_last_pkt_time":1686529340012662,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686529340012662,"l3_proto":"ip4","src_ip":"167.7.154.125","dst_ip":"90.141.37.56","src_port":2538,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":446,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":440,"flow_packet_id":1,"flow_src_last_pkt_time":1686529340012662,"flow_dst_last_pkt_time":1686529340012662,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686529340012662,"pkt":"3jHC4dyOPJTVQTiBCABFCABLCXUAACIRwTynB5p9Wo0lOAnqAasANxfiAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":446,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":440,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686529340012662,"flow_src_last_pkt_time":1686529340012662,"flow_dst_last_pkt_time":1686529340012662,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686529340012662,"l3_proto":"ip4","src_ip":"167.7.154.125","dst_ip":"90.141.37.56","src_port":2538,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":447,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":439,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686526077263977,"flow_src_last_pkt_time":1686526077263977,"flow_dst_last_pkt_time":1686526077263977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686529340012662,"l3_proto":"ip4","src_ip":"82.19.88.220","dst_ip":"186.112.202.53","src_port":49990,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":447,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":447,"packets-processed":446,"total-skipped-flows":0,"total-l4-payload-len":23036,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":440,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":440,"total-idle-flows":439,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2133,"global_ts_usec":1686547842864988} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":447,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":441,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686547842864988,"flow_src_last_pkt_time":1686547842864988,"flow_dst_last_pkt_time":1686547842864988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686547842864988,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"90.111.212.50","src_port":54057,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":447,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":441,"flow_packet_id":1,"flow_src_last_pkt_time":1686547842864988,"flow_dst_last_pkt_time":1686547842864988,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686547842864988,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXqPOzBhaWm\/UMtMpAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":447,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":441,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686547842864988,"flow_src_last_pkt_time":1686547842864988,"flow_dst_last_pkt_time":1686547842864988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686547842864988,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"90.111.212.50","src_port":54057,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":448,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":440,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686529340012662,"flow_src_last_pkt_time":1686529340012662,"flow_dst_last_pkt_time":1686529340012662,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686547842864988,"l3_proto":"ip4","src_ip":"167.7.154.125","dst_ip":"90.141.37.56","src_port":2538,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":448,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":448,"packets-processed":447,"total-skipped-flows":0,"total-l4-payload-len":23065,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":441,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":441,"total-idle-flows":440,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2138,"global_ts_usec":1686548676434879} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":448,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":442,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686548676434879,"flow_src_last_pkt_time":1686548676434879,"flow_dst_last_pkt_time":1686548676434879,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686548676434879,"l3_proto":"ip4","src_ip":"185.33.65.208","dst_ip":"74.111.203.55","src_port":52802,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":448,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":442,"flow_packet_id":1,"flow_src_last_pkt_time":1686548676434879,"flow_dst_last_pkt_time":1686548676434879,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686548676434879,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPoRbM+5IUHQSm\/LN85CAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":448,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":442,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686548676434879,"flow_src_last_pkt_time":1686548676434879,"flow_dst_last_pkt_time":1686548676434879,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686548676434879,"l3_proto":"ip4","src_ip":"185.33.65.208","dst_ip":"74.111.203.55","src_port":52802,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":449,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":441,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686547842864988,"flow_src_last_pkt_time":1686547842864988,"flow_dst_last_pkt_time":1686547842864988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686548676434879,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"90.111.212.50","src_port":54057,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":449,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":449,"packets-processed":448,"total-skipped-flows":0,"total-l4-payload-len":23094,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":442,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":442,"total-idle-flows":441,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2143,"global_ts_usec":1686549393930759} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":449,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":443,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686549393930759,"flow_src_last_pkt_time":1686549393930759,"flow_dst_last_pkt_time":1686549393930759,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686549393930759,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"186.112.202.53","src_port":28374,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":449,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":443,"flow_packet_id":1,"flow_src_last_pkt_time":1686549393930759,"flow_dst_last_pkt_time":1686549393930759,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686549393930759,"pkt":"xmjqc4OdPJTVQTiBCABFCABLQj4AACQRhmwj\/EVxunDKNW7WAasAN7LuAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":449,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":443,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686549393930759,"flow_src_last_pkt_time":1686549393930759,"flow_dst_last_pkt_time":1686549393930759,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686549393930759,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"186.112.202.53","src_port":28374,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":442,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686548676434879,"flow_src_last_pkt_time":1686548676434879,"flow_dst_last_pkt_time":1686548676434879,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686549393930759,"l3_proto":"ip4","src_ip":"185.33.65.208","dst_ip":"74.111.203.55","src_port":52802,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":450,"packets-processed":449,"total-skipped-flows":0,"total-l4-payload-len":23141,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":443,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":443,"total-idle-flows":442,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2148,"global_ts_usec":1686554987062980} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":444,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686554987062980,"flow_src_last_pkt_time":1686554987062980,"flow_dst_last_pkt_time":1686554987062980,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686554987062980,"l3_proto":"ip4","src_ip":"47.236.248.231","dst_ip":"90.141.37.56","src_port":52985,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":444,"flow_packet_id":1,"flow_src_last_pkt_time":1686554987062980,"flow_dst_last_pkt_time":1686554987062980,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686554987062980,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPoRXvwv7PjnWo0lOM75AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":444,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686554987062980,"flow_src_last_pkt_time":1686554987062980,"flow_dst_last_pkt_time":1686554987062980,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686554987062980,"l3_proto":"ip4","src_ip":"47.236.248.231","dst_ip":"90.141.37.56","src_port":52985,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":443,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686549393930759,"flow_src_last_pkt_time":1686549393930759,"flow_dst_last_pkt_time":1686549393930759,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686554987062980,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"186.112.202.53","src_port":28374,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":451,"packets-processed":450,"total-skipped-flows":0,"total-l4-payload-len":23170,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":444,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":444,"total-idle-flows":443,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2153,"global_ts_usec":1686556816084247} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":445,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686556816084247,"flow_src_last_pkt_time":1686556816084247,"flow_dst_last_pkt_time":1686556816084247,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686556816084247,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.111.212.50","src_port":43924,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":445,"flow_packet_id":1,"flow_src_last_pkt_time":1686556816084247,"flow_dst_last_pkt_time":1686556816084247,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686556816084247,"pkt":"AAwp30Y4PJTVQTiBCABFCAA11DEAAPERM4GtoQqtWm\/UMquUAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":445,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686556816084247,"flow_src_last_pkt_time":1686556816084247,"flow_dst_last_pkt_time":1686556816084247,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686556816084247,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.111.212.50","src_port":43924,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":452,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":444,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686554987062980,"flow_src_last_pkt_time":1686554987062980,"flow_dst_last_pkt_time":1686554987062980,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686556816084247,"l3_proto":"ip4","src_ip":"47.236.248.231","dst_ip":"90.141.37.56","src_port":52985,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":452,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":446,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686556919146434,"flow_src_last_pkt_time":1686556919146434,"flow_dst_last_pkt_time":1686556919146434,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686556919146434,"l3_proto":"ip4","src_ip":"185.213.154.138","dst_ip":"165.114.202.61","src_port":52528,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":452,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":446,"flow_packet_id":1,"flow_src_last_pkt_time":1686556919146434,"flow_dst_last_pkt_time":1686556919146434,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686556919146434,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbRK51ZqKpXLKPc0wAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01076{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":452,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":446,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686556919146434,"flow_src_last_pkt_time":1686556919146434,"flow_dst_last_pkt_time":1686556919146434,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686556919146434,"l3_proto":"ip4","src_ip":"185.213.154.138","dst_ip":"165.114.202.61","src_port":52528,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Mullvad","proto_by_ip_id":348,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":453,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":445,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686556816084247,"flow_src_last_pkt_time":1686556816084247,"flow_dst_last_pkt_time":1686556816084247,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686556919146434,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.111.212.50","src_port":43924,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":453,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":447,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686557322938004,"flow_src_last_pkt_time":1686557322938004,"flow_dst_last_pkt_time":1686557322938004,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686557322938004,"l3_proto":"ip4","src_ip":"191.184.52.78","dst_ip":"90.111.212.50","src_port":64609,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00560{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":453,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":447,"flow_packet_id":1,"flow_src_last_pkt_time":1686557322938004,"flow_dst_last_pkt_time":1686557322938004,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686557322938004,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+0zBAADMRzii\/uDROWm\/UMvxhAasAKsyzAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":453,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":447,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686557322938004,"flow_src_last_pkt_time":1686557322938004,"flow_dst_last_pkt_time":1686557322938004,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686557322938004,"l3_proto":"ip4","src_ip":"191.184.52.78","dst_ip":"90.111.212.50","src_port":64609,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":445,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686556816084247,"flow_src_last_pkt_time":1686556816084247,"flow_dst_last_pkt_time":1686556816084247,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686557322938004,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.111.212.50","src_port":43924,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":446,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686556919146434,"flow_src_last_pkt_time":1686556919146434,"flow_dst_last_pkt_time":1686556919146434,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686557322938004,"l3_proto":"ip4","src_ip":"185.213.154.138","dst_ip":"165.114.202.61","src_port":52528,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Mullvad","proto_by_ip_id":348,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":454,"packets-processed":453,"total-skipped-flows":0,"total-l4-payload-len":23258,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":447,"total-detection-updates":0,"total-updates":82,"current-active-flows":1,"total-active-flows":447,"total-idle-flows":446,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2167,"global_ts_usec":1686557572392407} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":448,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686557572392407,"flow_src_last_pkt_time":1686557572392407,"flow_dst_last_pkt_time":1686557572392407,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686557572392407,"l3_proto":"ip4","src_ip":"167.65.212.80","dst_ip":"165.144.84.62","src_port":3597,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":448,"flow_packet_id":1,"flow_src_last_pkt_time":1686557572392407,"flow_dst_last_pkt_time":1686557572392407,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686557572392407,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+j2xAADMREeWnQdRQpZBUPg4NAasAKrsAAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":448,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686557572392407,"flow_src_last_pkt_time":1686557572392407,"flow_dst_last_pkt_time":1686557572392407,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686557572392407,"l3_proto":"ip4","src_ip":"167.65.212.80","dst_ip":"165.144.84.62","src_port":3597,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":455,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":447,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686557322938004,"flow_src_last_pkt_time":1686557322938004,"flow_dst_last_pkt_time":1686557322938004,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686557572392407,"l3_proto":"ip4","src_ip":"191.184.52.78","dst_ip":"90.111.212.50","src_port":64609,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":455,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":449,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558124354447,"flow_src_last_pkt_time":1686558124354447,"flow_dst_last_pkt_time":1686558124354447,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558124354447,"l3_proto":"ip4","src_ip":"185.62.196.74","dst_ip":"165.114.202.61","src_port":50485,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":455,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":449,"flow_packet_id":1,"flow_src_last_pkt_time":1686558124354447,"flow_dst_last_pkt_time":1686558124354447,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686558124354447,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+H7dAADMRgZO5PsRKpXLKPcU1AasAKgPRAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":455,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":449,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558124354447,"flow_src_last_pkt_time":1686558124354447,"flow_dst_last_pkt_time":1686558124354447,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558124354447,"l3_proto":"ip4","src_ip":"185.62.196.74","dst_ip":"165.114.202.61","src_port":50485,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":448,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686557572392407,"flow_src_last_pkt_time":1686557572392407,"flow_dst_last_pkt_time":1686557572392407,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558124354447,"l3_proto":"ip4","src_ip":"167.65.212.80","dst_ip":"165.144.84.62","src_port":3597,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":456,"packets-processed":455,"total-skipped-flows":0,"total-l4-payload-len":23326,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":449,"total-detection-updates":0,"total-updates":82,"current-active-flows":1,"total-active-flows":449,"total-idle-flows":448,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2176,"global_ts_usec":1686558422116551} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":450,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558422116551,"flow_src_last_pkt_time":1686558422116551,"flow_dst_last_pkt_time":1686558422116551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558422116551,"l3_proto":"ip4","src_ip":"167.65.212.80","dst_ip":"90.145.180.58","src_port":8856,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":450,"flow_packet_id":1,"flow_src_last_pkt_time":1686558422116551,"flow_dst_last_pkt_time":1686558422116551,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686558422116551,"pkt":"bs1PogZtPJTVQTiBCABFAAA+YlBAADMRPwOnQdRQWpG0OiKYAasAKqZ3AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":450,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558422116551,"flow_src_last_pkt_time":1686558422116551,"flow_dst_last_pkt_time":1686558422116551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558422116551,"l3_proto":"ip4","src_ip":"167.65.212.80","dst_ip":"90.145.180.58","src_port":8856,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":457,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":449,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558124354447,"flow_src_last_pkt_time":1686558124354447,"flow_dst_last_pkt_time":1686558124354447,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558422116551,"l3_proto":"ip4","src_ip":"185.62.196.74","dst_ip":"165.114.202.61","src_port":50485,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":457,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":451,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558440675193,"flow_src_last_pkt_time":1686558440675193,"flow_dst_last_pkt_time":1686558440675193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558440675193,"l3_proto":"ip4","src_ip":"65.70.43.75","dst_ip":"74.111.203.55","src_port":46615,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":457,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":451,"flow_packet_id":1,"flow_src_last_pkt_time":1686558440675193,"flow_dst_last_pkt_time":1686558440675193,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686558440675193,"pkt":"ipffLU2SPJTVQTiBCABFAAA+VVVAADMRTABBRitLSm\/LN7YXAasAKhL6AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":457,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":451,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558440675193,"flow_src_last_pkt_time":1686558440675193,"flow_dst_last_pkt_time":1686558440675193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558440675193,"l3_proto":"ip4","src_ip":"65.70.43.75","dst_ip":"74.111.203.55","src_port":46615,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":458,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":452,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558852064997,"flow_src_last_pkt_time":1686558852064997,"flow_dst_last_pkt_time":1686558852064997,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558852064997,"l3_proto":"ip4","src_ip":"64.64.43.81","dst_ip":"90.141.37.56","src_port":58560,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":458,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":452,"flow_packet_id":1,"flow_src_last_pkt_time":1686558852064997,"flow_dst_last_pkt_time":1686558852064997,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686558852064997,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+a8pAADMRNY1AQCtRWo0lOOTAAasAKuRSAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01068{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":458,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":452,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558852064997,"flow_src_last_pkt_time":1686558852064997,"flow_dst_last_pkt_time":1686558852064997,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558852064997,"l3_proto":"ip4","src_ip":"64.64.43.81","dst_ip":"90.141.37.56","src_port":58560,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":451,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558440675193,"flow_src_last_pkt_time":1686558440675193,"flow_dst_last_pkt_time":1686558440675193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558852064997,"l3_proto":"ip4","src_ip":"65.70.43.75","dst_ip":"74.111.203.55","src_port":46615,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":450,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558422116551,"flow_src_last_pkt_time":1686558422116551,"flow_dst_last_pkt_time":1686558422116551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558852064997,"l3_proto":"ip4","src_ip":"167.65.212.80","dst_ip":"90.145.180.58","src_port":8856,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":459,"packets-processed":458,"total-skipped-flows":0,"total-l4-payload-len":23428,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":452,"total-detection-updates":0,"total-updates":82,"current-active-flows":1,"total-active-flows":452,"total-idle-flows":451,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2189,"global_ts_usec":1686559367388486} +00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":453,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559367388486,"flow_src_last_pkt_time":1686559367388486,"flow_dst_last_pkt_time":1686559367388486,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686559367388486,"l3_proto":"ip4","src_ip":"65.70.43.75","dst_ip":"85.111.52.57","src_port":24868,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":453,"flow_packet_id":1,"flow_src_last_pkt_time":1686559367388486,"flow_dst_last_pkt_time":1686559367388486,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686559367388486,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+tTJAADMR7B1BRitLVW80OWEkAasAKmfoAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01068{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":453,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559367388486,"flow_src_last_pkt_time":1686559367388486,"flow_dst_last_pkt_time":1686559367388486,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686559367388486,"l3_proto":"ip4","src_ip":"65.70.43.75","dst_ip":"85.111.52.57","src_port":24868,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01107{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":452,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558852064997,"flow_src_last_pkt_time":1686558852064997,"flow_dst_last_pkt_time":1686558852064997,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686559367388486,"l3_proto":"ip4","src_ip":"64.64.43.81","dst_ip":"90.141.37.56","src_port":58560,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":454,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559497105642,"flow_src_last_pkt_time":1686559497105642,"flow_dst_last_pkt_time":1686559497105642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686559497105642,"l3_proto":"ip4","src_ip":"167.65.212.80","dst_ip":"69.109.187.54","src_port":16286,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":454,"flow_packet_id":1,"flow_src_last_pkt_time":1686559497105642,"flow_dst_last_pkt_time":1686559497105642,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686559497105642,"pkt":"bpHurUgdPJTVQTiBCABFAAA+H+JAADMRgXenQdRQRW27Nj+eAasAKol3AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":454,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559497105642,"flow_src_last_pkt_time":1686559497105642,"flow_dst_last_pkt_time":1686559497105642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686559497105642,"l3_proto":"ip4","src_ip":"167.65.212.80","dst_ip":"69.109.187.54","src_port":16286,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":461,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":453,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559367388486,"flow_src_last_pkt_time":1686559367388486,"flow_dst_last_pkt_time":1686559367388486,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686559497105642,"l3_proto":"ip4","src_ip":"65.70.43.75","dst_ip":"85.111.52.57","src_port":24868,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":461,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":461,"packets-processed":460,"total-skipped-flows":0,"total-l4-payload-len":23496,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":454,"total-detection-updates":0,"total-updates":83,"current-active-flows":2,"total-active-flows":454,"total-idle-flows":452,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2198,"global_ts_usec":1686559998830359} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":461,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":455,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559998830359,"flow_src_last_pkt_time":1686559998830359,"flow_dst_last_pkt_time":1686559998830359,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686559998830359,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"74.111.203.55","src_port":2631,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":461,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":455,"flow_packet_id":1,"flow_src_last_pkt_time":1686559998830359,"flow_dst_last_pkt_time":1686559998830359,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686559998830359,"pkt":"ipffLU2SPJTVQTiBCABFAABLXmYAACYRdcAid3p+Sm\/LNwpHAasANyTyAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":461,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":455,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559998830359,"flow_src_last_pkt_time":1686559998830359,"flow_dst_last_pkt_time":1686559998830359,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686559998830359,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"74.111.203.55","src_port":2631,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":462,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":454,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559497105642,"flow_src_last_pkt_time":1686559497105642,"flow_dst_last_pkt_time":1686559497105642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686559998830359,"l3_proto":"ip4","src_ip":"167.65.212.80","dst_ip":"69.109.187.54","src_port":16286,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01107{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":462,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":453,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559367388486,"flow_src_last_pkt_time":1686559367388486,"flow_dst_last_pkt_time":1686559367388486,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686559998830359,"l3_proto":"ip4","src_ip":"65.70.43.75","dst_ip":"85.111.52.57","src_port":24868,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":462,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":456,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686560166108940,"flow_src_last_pkt_time":1686560166108940,"flow_dst_last_pkt_time":1686560166108940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686560166108940,"l3_proto":"ip4","src_ip":"211.50.152.79","dst_ip":"165.144.84.62","src_port":55356,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":462,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":456,"flow_packet_id":1,"flow_src_last_pkt_time":1686560166108940,"flow_dst_last_pkt_time":1686560166108940,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686560166108940,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXo\/TMphPpZBUPtg8AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":462,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":456,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686560166108940,"flow_src_last_pkt_time":1686560166108940,"flow_dst_last_pkt_time":1686560166108940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686560166108940,"l3_proto":"ip4","src_ip":"211.50.152.79","dst_ip":"165.144.84.62","src_port":55356,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":455,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559998830359,"flow_src_last_pkt_time":1686559998830359,"flow_dst_last_pkt_time":1686559998830359,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686560166108940,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"74.111.203.55","src_port":2631,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":463,"packets-processed":462,"total-skipped-flows":0,"total-l4-payload-len":23572,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":456,"total-detection-updates":0,"total-updates":84,"current-active-flows":2,"total-active-flows":456,"total-idle-flows":454,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2208,"global_ts_usec":1686560793652859} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":457,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686560793652859,"flow_src_last_pkt_time":1686560793652859,"flow_dst_last_pkt_time":1686560793652859,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686560793652859,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"186.112.202.53","src_port":45539,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":457,"flow_packet_id":1,"flow_src_last_pkt_time":1686560793652859,"flow_dst_last_pkt_time":1686560793652859,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686560793652859,"pkt":"xmjqc4OdPJTVQTiBCABFCAA11DEAAPERM36toQqtunDKNbHjAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":457,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686560793652859,"flow_src_last_pkt_time":1686560793652859,"flow_dst_last_pkt_time":1686560793652859,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686560793652859,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"186.112.202.53","src_port":45539,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":464,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":455,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559998830359,"flow_src_last_pkt_time":1686559998830359,"flow_dst_last_pkt_time":1686559998830359,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686560793652859,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"74.111.203.55","src_port":2631,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":464,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":456,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686560166108940,"flow_src_last_pkt_time":1686560166108940,"flow_dst_last_pkt_time":1686560166108940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686560793652859,"l3_proto":"ip4","src_ip":"211.50.152.79","dst_ip":"165.144.84.62","src_port":55356,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":464,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":458,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561012661463,"flow_src_last_pkt_time":1686561012661463,"flow_dst_last_pkt_time":1686561012661463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686561012661463,"l3_proto":"ip4","src_ip":"88.185.36.86","dst_ip":"90.147.171.51","src_port":4763,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":464,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":458,"flow_packet_id":1,"flow_src_last_pkt_time":1686561012661463,"flow_dst_last_pkt_time":1686561012661463,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686561012661463,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+YZxAADMRP8ZYuSRWWpOrMxKbAasAKraDAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":464,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":458,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561012661463,"flow_src_last_pkt_time":1686561012661463,"flow_dst_last_pkt_time":1686561012661463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686561012661463,"l3_proto":"ip4","src_ip":"88.185.36.86","dst_ip":"90.147.171.51","src_port":4763,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":465,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":457,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686560793652859,"flow_src_last_pkt_time":1686560793652859,"flow_dst_last_pkt_time":1686560793652859,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686561012661463,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"186.112.202.53","src_port":45539,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":465,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":459,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561057684079,"flow_src_last_pkt_time":1686561057684079,"flow_dst_last_pkt_time":1686561057684079,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686561057684079,"l3_proto":"ip4","src_ip":"94.64.218.76","dst_ip":"186.112.202.53","src_port":16452,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":465,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":459,"flow_packet_id":1,"flow_src_last_pkt_time":1686561057684079,"flow_dst_last_pkt_time":1686561057684079,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686561057684079,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+zdNAADMR04BeQNpMunDKNUBEAasAKojMAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":465,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":459,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561057684079,"flow_src_last_pkt_time":1686561057684079,"flow_dst_last_pkt_time":1686561057684079,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686561057684079,"l3_proto":"ip4","src_ip":"94.64.218.76","dst_ip":"186.112.202.53","src_port":16452,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":466,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":458,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561012661463,"flow_src_last_pkt_time":1686561012661463,"flow_dst_last_pkt_time":1686561012661463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686561057684079,"l3_proto":"ip4","src_ip":"88.185.36.86","dst_ip":"90.147.171.51","src_port":4763,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":466,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":460,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561147477324,"flow_src_last_pkt_time":1686561147477324,"flow_dst_last_pkt_time":1686561147477324,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686561147477324,"l3_proto":"ip4","src_ip":"209.239.135.211","dst_ip":"85.111.52.57","src_port":55124,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":466,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":460,"flow_packet_id":1,"flow_src_last_pkt_time":1686561147477324,"flow_dst_last_pkt_time":1686561147477324,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686561147477324,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPoRXuHR74fTVW80OddUAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":466,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":460,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561147477324,"flow_src_last_pkt_time":1686561147477324,"flow_dst_last_pkt_time":1686561147477324,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686561147477324,"l3_proto":"ip4","src_ip":"209.239.135.211","dst_ip":"85.111.52.57","src_port":55124,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":458,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561012661463,"flow_src_last_pkt_time":1686561012661463,"flow_dst_last_pkt_time":1686561012661463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686561147477324,"l3_proto":"ip4","src_ip":"88.185.36.86","dst_ip":"90.147.171.51","src_port":4763,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":459,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561057684079,"flow_src_last_pkt_time":1686561057684079,"flow_dst_last_pkt_time":1686561057684079,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686561147477324,"l3_proto":"ip4","src_ip":"94.64.218.76","dst_ip":"186.112.202.53","src_port":16452,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":467,"packets-processed":466,"total-skipped-flows":0,"total-l4-payload-len":23694,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":460,"total-detection-updates":0,"total-updates":87,"current-active-flows":3,"total-active-flows":460,"total-idle-flows":457,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2227,"global_ts_usec":1686562035943293} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":461,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686562035943293,"flow_src_last_pkt_time":1686562035943293,"flow_dst_last_pkt_time":1686562035943293,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686562035943293,"l3_proto":"ip4","src_ip":"226.128.122.118","dst_ip":"90.145.180.58","src_port":58464,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":461,"flow_packet_id":1,"flow_src_last_pkt_time":1686562035943293,"flow_dst_last_pkt_time":1686562035943293,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686562035943293,"pkt":"bs1PogZtPJTVQTiBCABFAABLyDkAACcRCuPigHp2WpG0OuRgAasAN0rOAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":461,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686562035943293,"flow_src_last_pkt_time":1686562035943293,"flow_dst_last_pkt_time":1686562035943293,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686562035943293,"l3_proto":"ip4","src_ip":"226.128.122.118","dst_ip":"90.145.180.58","src_port":58464,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":460,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561147477324,"flow_src_last_pkt_time":1686561147477324,"flow_dst_last_pkt_time":1686561147477324,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686562035943293,"l3_proto":"ip4","src_ip":"209.239.135.211","dst_ip":"85.111.52.57","src_port":55124,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":458,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561012661463,"flow_src_last_pkt_time":1686561012661463,"flow_dst_last_pkt_time":1686561012661463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686562035943293,"l3_proto":"ip4","src_ip":"88.185.36.86","dst_ip":"90.147.171.51","src_port":4763,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":459,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561057684079,"flow_src_last_pkt_time":1686561057684079,"flow_dst_last_pkt_time":1686561057684079,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686562035943293,"l3_proto":"ip4","src_ip":"94.64.218.76","dst_ip":"186.112.202.53","src_port":16452,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":468,"packets-processed":467,"total-skipped-flows":0,"total-l4-payload-len":23741,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":461,"total-detection-updates":0,"total-updates":87,"current-active-flows":1,"total-active-flows":461,"total-idle-flows":460,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2234,"global_ts_usec":1686565369552713} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":462,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686565369552713,"flow_src_last_pkt_time":1686565369552713,"flow_dst_last_pkt_time":1686565369552713,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686565369552713,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"165.114.202.61","src_port":51324,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":462,"flow_packet_id":1,"flow_src_last_pkt_time":1686565369552713,"flow_dst_last_pkt_time":1686565369552713,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686565369552713,"pkt":"AAwp30Y4PJTVQTiBCABFAABL95AAACcR25EiZn14pXLKPch8AasAN2a4AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01079{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":462,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686565369552713,"flow_src_last_pkt_time":1686565369552713,"flow_dst_last_pkt_time":1686565369552713,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686565369552713,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"165.114.202.61","src_port":51324,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":469,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":461,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686562035943293,"flow_src_last_pkt_time":1686562035943293,"flow_dst_last_pkt_time":1686562035943293,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686565369552713,"l3_proto":"ip4","src_ip":"226.128.122.118","dst_ip":"90.145.180.58","src_port":58464,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":469,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":463,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686565439403208,"flow_src_last_pkt_time":1686565439403208,"flow_dst_last_pkt_time":1686565439403208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686565439403208,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"165.144.84.62","src_port":42304,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":469,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":463,"flow_packet_id":1,"flow_src_last_pkt_time":1686565439403208,"flow_dst_last_pkt_time":1686565439403208,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686565439403208,"pkt":"AAwp30Y4PJTVQTiBCABFBAA11DEAAOURP3utoQqtpZBUPqVAAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":469,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":463,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686565439403208,"flow_src_last_pkt_time":1686565439403208,"flow_dst_last_pkt_time":1686565439403208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686565439403208,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"165.144.84.62","src_port":42304,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01120{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":462,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686565369552713,"flow_src_last_pkt_time":1686565369552713,"flow_dst_last_pkt_time":1686565369552713,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686565439403208,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"165.114.202.61","src_port":51324,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":470,"packets-processed":469,"total-skipped-flows":0,"total-l4-payload-len":23813,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":463,"total-detection-updates":0,"total-updates":88,"current-active-flows":2,"total-active-flows":463,"total-idle-flows":461,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2243,"global_ts_usec":1686572533804714} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":464,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686572533804714,"flow_src_last_pkt_time":1686572533804714,"flow_dst_last_pkt_time":1686572533804714,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686572533804714,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.145.180.58","src_port":53096,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":464,"flow_packet_id":1,"flow_src_last_pkt_time":1686572533804714,"flow_dst_last_pkt_time":1686572533804714,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686572533804714,"pkt":"bs1PogZtPJTVQTiBCABFCAA11DEAAPERM3mtoQqtWpG0Os9oAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":464,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686572533804714,"flow_src_last_pkt_time":1686572533804714,"flow_dst_last_pkt_time":1686572533804714,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686572533804714,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.145.180.58","src_port":53096,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":471,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":463,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686565439403208,"flow_src_last_pkt_time":1686565439403208,"flow_dst_last_pkt_time":1686565439403208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686572533804714,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"165.144.84.62","src_port":42304,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01118{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":471,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":462,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686565369552713,"flow_src_last_pkt_time":1686565369552713,"flow_dst_last_pkt_time":1686565369552713,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686572533804714,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"165.114.202.61","src_port":51324,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":471,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":471,"packets-processed":470,"total-skipped-flows":0,"total-l4-payload-len":23838,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":464,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":464,"total-idle-flows":463,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2249,"global_ts_usec":1686582591141391} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":471,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":465,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686582591141391,"flow_src_last_pkt_time":1686582591141391,"flow_dst_last_pkt_time":1686582591141391,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686582591141391,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"85.111.52.57","src_port":51824,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":471,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":465,"flow_packet_id":1,"flow_src_last_pkt_time":1686582591141391,"flow_dst_last_pkt_time":1686582591141391,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686582591141391,"pkt":"moT+\/Ph8PJTVQTiBCABFAAB+1DEAAPIRCxGGtJCVVW80OcpwAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":471,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":465,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686582591141391,"flow_src_last_pkt_time":1686582591141391,"flow_dst_last_pkt_time":1686582591141391,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686582591141391,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"85.111.52.57","src_port":51824,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":472,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":464,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686572533804714,"flow_src_last_pkt_time":1686572533804714,"flow_dst_last_pkt_time":1686572533804714,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686582591141391,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.145.180.58","src_port":53096,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":472,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":466,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686582817928624,"flow_src_last_pkt_time":1686582817928624,"flow_dst_last_pkt_time":1686582817928624,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686582817928624,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"90.147.171.51","src_port":35531,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":472,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":466,"flow_packet_id":1,"flow_src_last_pkt_time":1686582817928624,"flow_dst_last_pkt_time":1686582817928624,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686582817928624,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpTjsg6KdWpOrM4rLAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":472,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":466,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686582817928624,"flow_src_last_pkt_time":1686582817928624,"flow_dst_last_pkt_time":1686582817928624,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686582817928624,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"90.147.171.51","src_port":35531,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":473,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":465,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686582591141391,"flow_src_last_pkt_time":1686582591141391,"flow_dst_last_pkt_time":1686582591141391,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686582817928624,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"85.111.52.57","src_port":51824,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":473,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":467,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686583068043463,"flow_src_last_pkt_time":1686583068043463,"flow_dst_last_pkt_time":1686583068043463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686583068043463,"l3_proto":"ip4","src_ip":"45.131.161.152","dst_ip":"90.111.212.50","src_port":57860,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":473,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":467,"flow_packet_id":1,"flow_src_last_pkt_time":1686583068043463,"flow_dst_last_pkt_time":1686583068043463,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686583068043463,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPIRpTYtg6GYWm\/UMuIEAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":473,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":467,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686583068043463,"flow_src_last_pkt_time":1686583068043463,"flow_dst_last_pkt_time":1686583068043463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686583068043463,"l3_proto":"ip4","src_ip":"45.131.161.152","dst_ip":"90.111.212.50","src_port":57860,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":474,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":466,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686582817928624,"flow_src_last_pkt_time":1686582817928624,"flow_dst_last_pkt_time":1686582817928624,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686583068043463,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"90.147.171.51","src_port":35531,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":474,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":474,"packets-processed":473,"total-skipped-flows":0,"total-l4-payload-len":24132,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":467,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":467,"total-idle-flows":466,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2262,"global_ts_usec":1686583896993524} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":474,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":468,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686583896993524,"flow_src_last_pkt_time":1686583896993524,"flow_dst_last_pkt_time":1686583896993524,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686583896993524,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.141.37.56","src_port":60345,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":474,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":468,"flow_packet_id":1,"flow_src_last_pkt_time":1686583896993524,"flow_dst_last_pkt_time":1686583896993524,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686583896993524,"pkt":"3jHC4dyOPJTVQTiBCABFBAA11DEAAOURP4CtoQqtWo0lOOu5AasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":474,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":468,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686583896993524,"flow_src_last_pkt_time":1686583896993524,"flow_dst_last_pkt_time":1686583896993524,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686583896993524,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.141.37.56","src_port":60345,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":475,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":467,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686583068043463,"flow_src_last_pkt_time":1686583068043463,"flow_dst_last_pkt_time":1686583068043463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686583896993524,"l3_proto":"ip4","src_ip":"45.131.161.152","dst_ip":"90.111.212.50","src_port":57860,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":475,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":475,"packets-processed":474,"total-skipped-flows":0,"total-l4-payload-len":24157,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":468,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":468,"total-idle-flows":467,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2267,"global_ts_usec":1686585375283341} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":475,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":469,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686585375283341,"flow_src_last_pkt_time":1686585375283341,"flow_dst_last_pkt_time":1686585375283341,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686585375283341,"l3_proto":"ip4","src_ip":"16.99.147.146","dst_ip":"90.141.37.56","src_port":60624,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":475,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":469,"flow_packet_id":1,"flow_src_last_pkt_time":1686585375283341,"flow_dst_last_pkt_time":1686585375283341,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686585375283341,"pkt":"3jHC4dyOPJTVQTiBCABFAAB+1DEAAPMRpScQY5OSWo0lOOzQAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":475,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":469,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686585375283341,"flow_src_last_pkt_time":1686585375283341,"flow_dst_last_pkt_time":1686585375283341,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686585375283341,"l3_proto":"ip4","src_ip":"16.99.147.146","dst_ip":"90.141.37.56","src_port":60624,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":476,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":468,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686583896993524,"flow_src_last_pkt_time":1686583896993524,"flow_dst_last_pkt_time":1686583896993524,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686585375283341,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.141.37.56","src_port":60345,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":476,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":476,"packets-processed":475,"total-skipped-flows":0,"total-l4-payload-len":24255,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":469,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":469,"total-idle-flows":468,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2272,"global_ts_usec":1686586012577392} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":476,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":470,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686586012577392,"flow_src_last_pkt_time":1686586012577392,"flow_dst_last_pkt_time":1686586012577392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686586012577392,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.144.84.62","src_port":50595,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":476,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":470,"flow_packet_id":1,"flow_src_last_pkt_time":1686586012577392,"flow_dst_last_pkt_time":1686586012577392,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686586012577392,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPIRCwa2tHiLpZBUPsWjAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":476,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":470,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686586012577392,"flow_src_last_pkt_time":1686586012577392,"flow_dst_last_pkt_time":1686586012577392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686586012577392,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.144.84.62","src_port":50595,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":477,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":469,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686585375283341,"flow_src_last_pkt_time":1686585375283341,"flow_dst_last_pkt_time":1686585375283341,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686586012577392,"l3_proto":"ip4","src_ip":"16.99.147.146","dst_ip":"90.141.37.56","src_port":60624,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":477,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":471,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686586604126248,"flow_src_last_pkt_time":1686586604126248,"flow_dst_last_pkt_time":1686586604126248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686586604126248,"l3_proto":"ip4","src_ip":"19.99.147.148","dst_ip":"165.114.202.61","src_port":58452,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":477,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":471,"flow_packet_id":1,"flow_src_last_pkt_time":1686586604126248,"flow_dst_last_pkt_time":1686586604126248,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686586604126248,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpSUTY5OUpXLKPeRUAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":477,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":471,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686586604126248,"flow_src_last_pkt_time":1686586604126248,"flow_dst_last_pkt_time":1686586604126248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686586604126248,"l3_proto":"ip4","src_ip":"19.99.147.148","dst_ip":"165.114.202.61","src_port":58452,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":478,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":470,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686586012577392,"flow_src_last_pkt_time":1686586012577392,"flow_dst_last_pkt_time":1686586012577392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686586604126248,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.144.84.62","src_port":50595,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":478,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":478,"packets-processed":477,"total-skipped-flows":0,"total-l4-payload-len":24451,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":471,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":471,"total-idle-flows":470,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2281,"global_ts_usec":1686588963792964} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":478,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":472,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686588963792964,"flow_src_last_pkt_time":1686588963792964,"flow_dst_last_pkt_time":1686588963792964,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686588963792964,"l3_proto":"ip4","src_ip":"210.124.156.149","dst_ip":"69.109.187.54","src_port":52931,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":478,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":472,"flow_packet_id":1,"flow_src_last_pkt_time":1686588963792964,"flow_dst_last_pkt_time":1686588963792964,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686588963792964,"pkt":"bpHurUgdPJTVQTiBCABFAAB+1DEAAPIRpS3SfJyVRW27Ns7DAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":478,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":472,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686588963792964,"flow_src_last_pkt_time":1686588963792964,"flow_dst_last_pkt_time":1686588963792964,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686588963792964,"l3_proto":"ip4","src_ip":"210.124.156.149","dst_ip":"69.109.187.54","src_port":52931,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":479,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":471,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686586604126248,"flow_src_last_pkt_time":1686586604126248,"flow_dst_last_pkt_time":1686586604126248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686588963792964,"l3_proto":"ip4","src_ip":"19.99.147.148","dst_ip":"165.114.202.61","src_port":58452,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":479,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":479,"packets-processed":478,"total-skipped-flows":0,"total-l4-payload-len":24549,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":472,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":472,"total-idle-flows":471,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2286,"global_ts_usec":1686590370864320} +00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":479,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":473,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686590370864320,"flow_src_last_pkt_time":1686590370864320,"flow_dst_last_pkt_time":1686590370864320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686590370864320,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":57887,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":479,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":473,"flow_packet_id":1,"flow_src_last_pkt_time":1686590370864320,"flow_dst_last_pkt_time":1686590370864320,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686590370864320,"pkt":"xmjqc4OdPJTVQTiBCABFAAB+1DEAAPIRCxSGtJCVunDKNeIfAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":479,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":473,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686590370864320,"flow_src_last_pkt_time":1686590370864320,"flow_dst_last_pkt_time":1686590370864320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686590370864320,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":57887,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":480,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":472,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686588963792964,"flow_src_last_pkt_time":1686588963792964,"flow_dst_last_pkt_time":1686588963792964,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686590370864320,"l3_proto":"ip4","src_ip":"210.124.156.149","dst_ip":"69.109.187.54","src_port":52931,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":480,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":480,"packets-processed":479,"total-skipped-flows":0,"total-l4-payload-len":24647,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":473,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":473,"total-idle-flows":472,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2291,"global_ts_usec":1686591026824273} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":480,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":474,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686591026824273,"flow_src_last_pkt_time":1686591026824273,"flow_dst_last_pkt_time":1686591026824273,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686591026824273,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"74.111.203.55","src_port":56968,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":480,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":474,"flow_packet_id":1,"flow_src_last_pkt_time":1686591026824273,"flow_dst_last_pkt_time":1686591026824273,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686591026824273,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAO0RD9G4tKjwSm\/LN96IAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":480,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":474,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686591026824273,"flow_src_last_pkt_time":1686591026824273,"flow_dst_last_pkt_time":1686591026824273,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686591026824273,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"74.111.203.55","src_port":56968,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":481,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":473,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686590370864320,"flow_src_last_pkt_time":1686590370864320,"flow_dst_last_pkt_time":1686590370864320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686591026824273,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":57887,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":481,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":481,"packets-processed":480,"total-skipped-flows":0,"total-l4-payload-len":24745,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":474,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":474,"total-idle-flows":473,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2296,"global_ts_usec":1686591654230904} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":481,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":475,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686591654230904,"flow_src_last_pkt_time":1686591654230904,"flow_dst_last_pkt_time":1686591654230904,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686591654230904,"l3_proto":"ip4","src_ip":"16.131.191.144","dst_ip":"90.145.180.58","src_port":57563,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":481,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":475,"flow_packet_id":1,"flow_src_last_pkt_time":1686591654230904,"flow_dst_last_pkt_time":1686591654230904,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686591654230904,"pkt":"bs1PogZtPJTVQTiBCABFAAB+1DEAAPIRpSYQg7+QWpG0OuDbAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":481,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":475,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686591654230904,"flow_src_last_pkt_time":1686591654230904,"flow_dst_last_pkt_time":1686591654230904,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686591654230904,"l3_proto":"ip4","src_ip":"16.131.191.144","dst_ip":"90.145.180.58","src_port":57563,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":482,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":474,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686591026824273,"flow_src_last_pkt_time":1686591026824273,"flow_dst_last_pkt_time":1686591026824273,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686591654230904,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"74.111.203.55","src_port":56968,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":482,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":476,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686592164666841,"flow_src_last_pkt_time":1686592164666841,"flow_dst_last_pkt_time":1686592164666841,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686592164666841,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"165.114.202.61","src_port":33195,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":482,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":476,"flow_packet_id":1,"flow_src_last_pkt_time":1686592164666841,"flow_dst_last_pkt_time":1686592164666841,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686592164666841,"pkt":"AAwp30Y4PJTVQTiBCABFCAA11DEAAPERM3atoQqtpXLKPYGrAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":482,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":476,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686592164666841,"flow_src_last_pkt_time":1686592164666841,"flow_dst_last_pkt_time":1686592164666841,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686592164666841,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"165.114.202.61","src_port":33195,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":483,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":475,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686591654230904,"flow_src_last_pkt_time":1686591654230904,"flow_dst_last_pkt_time":1686591654230904,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686592164666841,"l3_proto":"ip4","src_ip":"16.131.191.144","dst_ip":"90.145.180.58","src_port":57563,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":483,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":483,"packets-processed":482,"total-skipped-flows":0,"total-l4-payload-len":24868,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":476,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":476,"total-idle-flows":475,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2305,"global_ts_usec":1686592363602889} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":483,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":477,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686592363602889,"flow_src_last_pkt_time":1686592363602889,"flow_dst_last_pkt_time":1686592363602889,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686592363602889,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.147.171.51","src_port":48688,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":483,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":477,"flow_packet_id":1,"flow_src_last_pkt_time":1686592363602889,"flow_dst_last_pkt_time":1686592363602889,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686592363602889,"pkt":"AAwp30Y4PJTVQTiBCABFCAA11DEAAPERM4KtoQqtWpOrM74wAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":483,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":477,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686592363602889,"flow_src_last_pkt_time":1686592363602889,"flow_dst_last_pkt_time":1686592363602889,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686592363602889,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.147.171.51","src_port":48688,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":484,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":476,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686592164666841,"flow_src_last_pkt_time":1686592164666841,"flow_dst_last_pkt_time":1686592164666841,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686592363602889,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"165.114.202.61","src_port":33195,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":484,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":484,"packets-processed":483,"total-skipped-flows":0,"total-l4-payload-len":24893,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":477,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":477,"total-idle-flows":476,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2310,"global_ts_usec":1686596322335333} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":484,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":478,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686596322335333,"flow_src_last_pkt_time":1686596322335333,"flow_dst_last_pkt_time":1686596322335333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686596322335333,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"165.144.84.62","src_port":41269,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":484,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":478,"flow_packet_id":1,"flow_src_last_pkt_time":1686596322335333,"flow_dst_last_pkt_time":1686596322335333,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686596322335333,"pkt":"AAwp30Y4PJTVQTiBCABFCABLns0AACQRJZHnJlLdpZBUPqE1AasAN3xDAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":484,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":478,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686596322335333,"flow_src_last_pkt_time":1686596322335333,"flow_dst_last_pkt_time":1686596322335333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686596322335333,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"165.144.84.62","src_port":41269,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":485,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":477,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686592363602889,"flow_src_last_pkt_time":1686592363602889,"flow_dst_last_pkt_time":1686592363602889,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686596322335333,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.147.171.51","src_port":48688,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":485,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":485,"packets-processed":484,"total-skipped-flows":0,"total-l4-payload-len":24940,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":478,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":478,"total-idle-flows":477,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2315,"global_ts_usec":1686602955779893} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":485,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":479,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686602955779893,"flow_src_last_pkt_time":1686602955779893,"flow_dst_last_pkt_time":1686602955779893,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686602955779893,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"69.109.187.54","src_port":14173,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":485,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":479,"flow_packet_id":1,"flow_src_last_pkt_time":1686602955779893,"flow_dst_last_pkt_time":1686602955779893,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686602955779893,"pkt":"bpHurUgdPJTVQTiBCABFCABLVG4AACIRdj0j\/EVxRW27NjddAasAN+poAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":485,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":479,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686602955779893,"flow_src_last_pkt_time":1686602955779893,"flow_dst_last_pkt_time":1686602955779893,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686602955779893,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"69.109.187.54","src_port":14173,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":486,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":478,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686596322335333,"flow_src_last_pkt_time":1686596322335333,"flow_dst_last_pkt_time":1686596322335333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686602955779893,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"165.144.84.62","src_port":41269,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":486,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":486,"packets-processed":485,"total-skipped-flows":0,"total-l4-payload-len":24987,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":479,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":479,"total-idle-flows":478,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2320,"global_ts_usec":1686608660321945} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":486,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":480,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686608660321945,"flow_src_last_pkt_time":1686608660321945,"flow_dst_last_pkt_time":1686608660321945,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686608660321945,"l3_proto":"ip4","src_ip":"173.19.223.218","dst_ip":"85.111.52.57","src_port":54527,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":486,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":480,"flow_packet_id":1,"flow_src_last_pkt_time":1686608660321945,"flow_dst_last_pkt_time":1686608660321945,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686608660321945,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPoRXtitE9\/aVW80OdT\/AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":486,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":480,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686608660321945,"flow_src_last_pkt_time":1686608660321945,"flow_dst_last_pkt_time":1686608660321945,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686608660321945,"l3_proto":"ip4","src_ip":"173.19.223.218","dst_ip":"85.111.52.57","src_port":54527,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":479,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686602955779893,"flow_src_last_pkt_time":1686602955779893,"flow_dst_last_pkt_time":1686602955779893,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686608660321945,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"69.109.187.54","src_port":14173,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":487,"packets-processed":486,"total-skipped-flows":0,"total-l4-payload-len":25016,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":480,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":480,"total-idle-flows":479,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2325,"global_ts_usec":1686612659801075} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":481,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686612659801075,"flow_src_last_pkt_time":1686612659801075,"flow_dst_last_pkt_time":1686612659801075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686612659801075,"l3_proto":"ip4","src_ip":"208.243.248.212","dst_ip":"90.145.180.58","src_port":52104,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":481,"flow_packet_id":1,"flow_src_last_pkt_time":1686612659801075,"flow_dst_last_pkt_time":1686612659801075,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686612659801075,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPoRXtrQ8\/jUWpG0OsuIAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":481,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686612659801075,"flow_src_last_pkt_time":1686612659801075,"flow_dst_last_pkt_time":1686612659801075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686612659801075,"l3_proto":"ip4","src_ip":"208.243.248.212","dst_ip":"90.145.180.58","src_port":52104,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":488,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":480,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686608660321945,"flow_src_last_pkt_time":1686608660321945,"flow_dst_last_pkt_time":1686608660321945,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686612659801075,"l3_proto":"ip4","src_ip":"173.19.223.218","dst_ip":"85.111.52.57","src_port":54527,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":488,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":482,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686613204876638,"flow_src_last_pkt_time":1686613204876638,"flow_dst_last_pkt_time":1686613204876638,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686613204876638,"l3_proto":"ip4","src_ip":"39.59.139.121","dst_ip":"165.114.202.61","src_port":18087,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":488,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":482,"flow_packet_id":1,"flow_src_last_pkt_time":1686613204876638,"flow_dst_last_pkt_time":1686613204876638,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686613204876638,"pkt":"AAwp30Y4PJTVQTiBCABFCABL8UEAACIR2W0nO4t5pXLKPUanAasAN9siAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":488,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":482,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686613204876638,"flow_src_last_pkt_time":1686613204876638,"flow_dst_last_pkt_time":1686613204876638,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686613204876638,"l3_proto":"ip4","src_ip":"39.59.139.121","dst_ip":"165.114.202.61","src_port":18087,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":481,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686612659801075,"flow_src_last_pkt_time":1686612659801075,"flow_dst_last_pkt_time":1686612659801075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686613204876638,"l3_proto":"ip4","src_ip":"208.243.248.212","dst_ip":"90.145.180.58","src_port":52104,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":489,"packets-processed":488,"total-skipped-flows":0,"total-l4-payload-len":25092,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":482,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":482,"total-idle-flows":481,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2334,"global_ts_usec":1686615481954219} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":483,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686615481954219,"flow_src_last_pkt_time":1686615481954219,"flow_dst_last_pkt_time":1686615481954219,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686615481954219,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"69.109.187.54","src_port":33095,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":483,"flow_packet_id":1,"flow_src_last_pkt_time":1686615481954219,"flow_dst_last_pkt_time":1686615481954219,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686615481954219,"pkt":"bpHurUgdPJTVQTiBCABFCAA11DEAAPERM3+toQqtRW27NoFHAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":483,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686615481954219,"flow_src_last_pkt_time":1686615481954219,"flow_dst_last_pkt_time":1686615481954219,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686615481954219,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"69.109.187.54","src_port":33095,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":482,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686613204876638,"flow_src_last_pkt_time":1686613204876638,"flow_dst_last_pkt_time":1686613204876638,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686615481954219,"l3_proto":"ip4","src_ip":"39.59.139.121","dst_ip":"165.114.202.61","src_port":18087,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":490,"packets-processed":489,"total-skipped-flows":0,"total-l4-payload-len":25117,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":483,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":483,"total-idle-flows":482,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2339,"global_ts_usec":1686616634395567} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":484,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686616634395567,"flow_src_last_pkt_time":1686616634395567,"flow_dst_last_pkt_time":1686616634395567,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686616634395567,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"85.111.52.57","src_port":42481,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":484,"flow_packet_id":1,"flow_src_last_pkt_time":1686616634395567,"flow_dst_last_pkt_time":1686616634395567,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686616634395567,"pkt":"moT+\/Ph8PJTVQTiBCABFBAA11DEAAOURP3+toQqtVW80OaXxAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":484,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686616634395567,"flow_src_last_pkt_time":1686616634395567,"flow_dst_last_pkt_time":1686616634395567,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686616634395567,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"85.111.52.57","src_port":42481,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":491,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":483,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686615481954219,"flow_src_last_pkt_time":1686615481954219,"flow_dst_last_pkt_time":1686615481954219,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686616634395567,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"69.109.187.54","src_port":33095,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":491,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686617105964842,"flow_src_last_pkt_time":1686617105964842,"flow_dst_last_pkt_time":1686617105964842,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686617105964842,"l3_proto":"ip4","src_ip":"70.210.68.170","dst_ip":"90.111.212.50","src_port":50121,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":491,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":485,"flow_packet_id":1,"flow_src_last_pkt_time":1686617105964842,"flow_dst_last_pkt_time":1686617105964842,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686617105964842,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbgVG0kSqWm\/UMsPJAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":491,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686617105964842,"flow_src_last_pkt_time":1686617105964842,"flow_dst_last_pkt_time":1686617105964842,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686617105964842,"l3_proto":"ip4","src_ip":"70.210.68.170","dst_ip":"90.111.212.50","src_port":50121,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":484,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686616634395567,"flow_src_last_pkt_time":1686616634395567,"flow_dst_last_pkt_time":1686616634395567,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686617105964842,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"85.111.52.57","src_port":42481,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":492,"packets-processed":491,"total-skipped-flows":0,"total-l4-payload-len":25171,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":485,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":485,"total-idle-flows":484,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2348,"global_ts_usec":1686621073847677} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686621073847677,"flow_src_last_pkt_time":1686621073847677,"flow_dst_last_pkt_time":1686621073847677,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686621073847677,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"90.145.180.58","src_port":51729,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":486,"flow_packet_id":1,"flow_src_last_pkt_time":1686621073847677,"flow_dst_last_pkt_time":1686621073847677,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686621073847677,"pkt":"bs1PogZtPJTVQTiBCABFCABLfhMAACIRTJ3jx1p6WpG0OsoRAasAN1e5AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686621073847677,"flow_src_last_pkt_time":1686621073847677,"flow_dst_last_pkt_time":1686621073847677,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686621073847677,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"90.145.180.58","src_port":51729,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":493,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686617105964842,"flow_src_last_pkt_time":1686617105964842,"flow_dst_last_pkt_time":1686617105964842,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686621073847677,"l3_proto":"ip4","src_ip":"70.210.68.170","dst_ip":"90.111.212.50","src_port":50121,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":493,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":493,"packets-processed":492,"total-skipped-flows":0,"total-l4-payload-len":25218,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":486,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":486,"total-idle-flows":485,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2353,"global_ts_usec":1686621999752750} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":493,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":487,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686621999752750,"flow_src_last_pkt_time":1686621999752750,"flow_dst_last_pkt_time":1686621999752750,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686621999752750,"l3_proto":"ip4","src_ip":"161.231.128.245","dst_ip":"74.111.203.55","src_port":56820,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":493,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":487,"flow_packet_id":1,"flow_src_last_pkt_time":1686621999752750,"flow_dst_last_pkt_time":1686621999752750,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686621999752750,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPkRbdmh54D1Sm\/LN930AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":493,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":487,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686621999752750,"flow_src_last_pkt_time":1686621999752750,"flow_dst_last_pkt_time":1686621999752750,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686621999752750,"l3_proto":"ip4","src_ip":"161.231.128.245","dst_ip":"74.111.203.55","src_port":56820,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":494,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686621073847677,"flow_src_last_pkt_time":1686621073847677,"flow_dst_last_pkt_time":1686621073847677,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686621999752750,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"90.145.180.58","src_port":51729,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":494,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":488,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686622450094352,"flow_src_last_pkt_time":1686622450094352,"flow_dst_last_pkt_time":1686622450094352,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686622450094352,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"74.111.203.55","src_port":55131,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":494,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":488,"flow_packet_id":1,"flow_src_last_pkt_time":1686622450094352,"flow_dst_last_pkt_time":1686622450094352,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686622450094352,"pkt":"ipffLU2SPJTVQTiBCABFBAA11DEAAOURP4StoQqtSm\/LN9dbAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":494,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":488,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686622450094352,"flow_src_last_pkt_time":1686622450094352,"flow_dst_last_pkt_time":1686622450094352,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686622450094352,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"74.111.203.55","src_port":55131,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":495,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":487,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686621999752750,"flow_src_last_pkt_time":1686621999752750,"flow_dst_last_pkt_time":1686621999752750,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686622450094352,"l3_proto":"ip4","src_ip":"161.231.128.245","dst_ip":"74.111.203.55","src_port":56820,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":495,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":495,"packets-processed":494,"total-skipped-flows":0,"total-l4-payload-len":25272,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":488,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":488,"total-idle-flows":487,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2362,"global_ts_usec":1686623052095688} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":495,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":489,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686623052095688,"flow_src_last_pkt_time":1686623052095688,"flow_dst_last_pkt_time":1686623052095688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686623052095688,"l3_proto":"ip4","src_ip":"99.199.77.211","dst_ip":"165.114.202.61","src_port":14222,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":495,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":489,"flow_packet_id":1,"flow_src_last_pkt_time":1686623052095688,"flow_dst_last_pkt_time":1686623052095688,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686623052095688,"pkt":"AAwp30Y4PJTVQTiBCABFCABLa\/IAACQRWHZjx03TpXLKPTeOAasAN+X0AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":495,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":489,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686623052095688,"flow_src_last_pkt_time":1686623052095688,"flow_dst_last_pkt_time":1686623052095688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686623052095688,"l3_proto":"ip4","src_ip":"99.199.77.211","dst_ip":"165.114.202.61","src_port":14222,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":496,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":488,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686622450094352,"flow_src_last_pkt_time":1686622450094352,"flow_dst_last_pkt_time":1686622450094352,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686623052095688,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"74.111.203.55","src_port":55131,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":496,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":496,"packets-processed":495,"total-skipped-flows":0,"total-l4-payload-len":25319,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":489,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":489,"total-idle-flows":488,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2367,"global_ts_usec":1686623787230359} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":496,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":490,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686623787230359,"flow_src_last_pkt_time":1686623787230359,"flow_dst_last_pkt_time":1686623787230359,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686623787230359,"l3_proto":"ip4","src_ip":"222.41.7.222","dst_ip":"90.147.171.51","src_port":55970,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":496,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":490,"flow_packet_id":1,"flow_src_last_pkt_time":1686623787230359,"flow_dst_last_pkt_time":1686623787230359,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686623787230359,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbcPeKQfeWpOrM9qiAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":496,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":490,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686623787230359,"flow_src_last_pkt_time":1686623787230359,"flow_dst_last_pkt_time":1686623787230359,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686623787230359,"l3_proto":"ip4","src_ip":"222.41.7.222","dst_ip":"90.147.171.51","src_port":55970,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":489,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686623052095688,"flow_src_last_pkt_time":1686623052095688,"flow_dst_last_pkt_time":1686623052095688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686623787230359,"l3_proto":"ip4","src_ip":"99.199.77.211","dst_ip":"165.114.202.61","src_port":14222,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":497,"packets-processed":496,"total-skipped-flows":0,"total-l4-payload-len":25348,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":490,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":490,"total-idle-flows":489,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2372,"global_ts_usec":1686625900350760} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":491,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686625900350760,"flow_src_last_pkt_time":1686625900350760,"flow_dst_last_pkt_time":1686625900350760,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686625900350760,"l3_proto":"ip4","src_ip":"89.28.95.249","dst_ip":"165.144.84.62","src_port":56710,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":491,"flow_packet_id":1,"flow_src_last_pkt_time":1686625900350760,"flow_dst_last_pkt_time":1686625900350760,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686625900350760,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbc1ZHF\/5pZBUPt2GAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":491,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686625900350760,"flow_src_last_pkt_time":1686625900350760,"flow_dst_last_pkt_time":1686625900350760,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686625900350760,"l3_proto":"ip4","src_ip":"89.28.95.249","dst_ip":"165.144.84.62","src_port":56710,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":490,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686623787230359,"flow_src_last_pkt_time":1686623787230359,"flow_dst_last_pkt_time":1686623787230359,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686625900350760,"l3_proto":"ip4","src_ip":"222.41.7.222","dst_ip":"90.147.171.51","src_port":55970,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":498,"packets-processed":497,"total-skipped-flows":0,"total-l4-payload-len":25377,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":491,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":491,"total-idle-flows":490,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2377,"global_ts_usec":1686628530442979} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":492,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686628530442979,"flow_src_last_pkt_time":1686628530442979,"flow_dst_last_pkt_time":1686628530442979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686628530442979,"l3_proto":"ip4","src_ip":"85.47.224.171","dst_ip":"74.111.203.55","src_port":16312,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":492,"flow_packet_id":1,"flow_src_last_pkt_time":1686628530442979,"flow_dst_last_pkt_time":1686628530442979,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686628530442979,"pkt":"ipffLU2SPJTVQTiBCABFAAA+QgFAADQR6spVL+CrSm\/LNz+4AasAKhXQAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":492,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686628530442979,"flow_src_last_pkt_time":1686628530442979,"flow_dst_last_pkt_time":1686628530442979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686628530442979,"l3_proto":"ip4","src_ip":"85.47.224.171","dst_ip":"74.111.203.55","src_port":16312,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":499,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":491,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686625900350760,"flow_src_last_pkt_time":1686625900350760,"flow_dst_last_pkt_time":1686625900350760,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686628530442979,"l3_proto":"ip4","src_ip":"89.28.95.249","dst_ip":"165.144.84.62","src_port":56710,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":499,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":493,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686628814387687,"flow_src_last_pkt_time":1686628814387687,"flow_dst_last_pkt_time":1686628814387687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686628814387687,"l3_proto":"ip4","src_ip":"85.47.224.171","dst_ip":"165.144.84.62","src_port":46040,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":499,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":493,"flow_packet_id":1,"flow_src_last_pkt_time":1686628814387687,"flow_dst_last_pkt_time":1686628814387687,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686628814387687,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+Uh9AADQR2qNVL+CrpZBUPrPYAasAKqGmAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":499,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":493,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686628814387687,"flow_src_last_pkt_time":1686628814387687,"flow_dst_last_pkt_time":1686628814387687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686628814387687,"l3_proto":"ip4","src_ip":"85.47.224.171","dst_ip":"165.144.84.62","src_port":46040,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":500,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":492,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686628530442979,"flow_src_last_pkt_time":1686628530442979,"flow_dst_last_pkt_time":1686628530442979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686628814387687,"l3_proto":"ip4","src_ip":"85.47.224.171","dst_ip":"74.111.203.55","src_port":16312,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":500,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":494,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686629067407805,"flow_src_last_pkt_time":1686629067407805,"flow_dst_last_pkt_time":1686629067407805,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686629067407805,"l3_proto":"ip4","src_ip":"74.142.40.174","dst_ip":"90.141.37.56","src_port":10528,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":500,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":494,"flow_packet_id":1,"flow_src_last_pkt_time":1686629067407805,"flow_dst_last_pkt_time":1686629067407805,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686629067407805,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+joxAADQRnjdKjiiuWo0lOCkgAasAKixgAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":500,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":494,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686629067407805,"flow_src_last_pkt_time":1686629067407805,"flow_dst_last_pkt_time":1686629067407805,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686629067407805,"l3_proto":"ip4","src_ip":"74.142.40.174","dst_ip":"90.141.37.56","src_port":10528,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":501,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":493,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686628814387687,"flow_src_last_pkt_time":1686628814387687,"flow_dst_last_pkt_time":1686628814387687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686629067407805,"l3_proto":"ip4","src_ip":"85.47.224.171","dst_ip":"165.144.84.62","src_port":46040,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":501,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":501,"packets-processed":500,"total-skipped-flows":0,"total-l4-payload-len":25479,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":494,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":494,"total-idle-flows":493,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2390,"global_ts_usec":1686629318462692} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":501,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":495,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686629318462692,"flow_src_last_pkt_time":1686629318462692,"flow_dst_last_pkt_time":1686629318462692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686629318462692,"l3_proto":"ip4","src_ip":"85.174.88.154","dst_ip":"69.109.187.54","src_port":20504,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":501,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":495,"flow_packet_id":1,"flow_src_last_pkt_time":1686629318462692,"flow_dst_last_pkt_time":1686629318462692,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686629318462692,"pkt":"bpHurUgdPJTVQTiBCABFAAA+O+VAADQR8QlVrliaRW27NlAYAasAKgWTAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":501,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":495,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686629318462692,"flow_src_last_pkt_time":1686629318462692,"flow_dst_last_pkt_time":1686629318462692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686629318462692,"l3_proto":"ip4","src_ip":"85.174.88.154","dst_ip":"69.109.187.54","src_port":20504,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":502,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":494,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686629067407805,"flow_src_last_pkt_time":1686629067407805,"flow_dst_last_pkt_time":1686629067407805,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686629318462692,"l3_proto":"ip4","src_ip":"74.142.40.174","dst_ip":"90.141.37.56","src_port":10528,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":502,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":502,"packets-processed":501,"total-skipped-flows":0,"total-l4-payload-len":25513,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":495,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":495,"total-idle-flows":494,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2395,"global_ts_usec":1686629919351142} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":502,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":496,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686629919351142,"flow_src_last_pkt_time":1686629919351142,"flow_dst_last_pkt_time":1686629919351142,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686629919351142,"l3_proto":"ip4","src_ip":"170.238.168.143","dst_ip":"85.111.52.57","src_port":62476,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":502,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":496,"flow_packet_id":1,"flow_src_last_pkt_time":1686629919351142,"flow_dst_last_pkt_time":1686629919351142,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686629919351142,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+qEdAADQRhJOq7qiPVW80OfQMAasAKmGKAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":502,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":496,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686629919351142,"flow_src_last_pkt_time":1686629919351142,"flow_dst_last_pkt_time":1686629919351142,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686629919351142,"l3_proto":"ip4","src_ip":"170.238.168.143","dst_ip":"85.111.52.57","src_port":62476,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":503,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":495,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686629318462692,"flow_src_last_pkt_time":1686629318462692,"flow_dst_last_pkt_time":1686629318462692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686629919351142,"l3_proto":"ip4","src_ip":"85.174.88.154","dst_ip":"69.109.187.54","src_port":20504,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":503,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":497,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630406259808,"flow_src_last_pkt_time":1686630406259808,"flow_dst_last_pkt_time":1686630406259808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630406259808,"l3_proto":"ip4","src_ip":"170.18.87.162","dst_ip":"186.112.202.53","src_port":58469,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":503,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":497,"flow_packet_id":1,"flow_src_last_pkt_time":1686630406259808,"flow_dst_last_pkt_time":1686630406259808,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686630406259808,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+BwVAADQRJc2qEleiunDKNeRlAasAKnEoAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":503,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":497,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630406259808,"flow_src_last_pkt_time":1686630406259808,"flow_dst_last_pkt_time":1686630406259808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630406259808,"l3_proto":"ip4","src_ip":"170.18.87.162","dst_ip":"186.112.202.53","src_port":58469,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":504,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":496,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686629919351142,"flow_src_last_pkt_time":1686629919351142,"flow_dst_last_pkt_time":1686629919351142,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630406259808,"l3_proto":"ip4","src_ip":"170.238.168.143","dst_ip":"85.111.52.57","src_port":62476,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":504,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":498,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630430100534,"flow_src_last_pkt_time":1686630430100534,"flow_dst_last_pkt_time":1686630430100534,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630430100534,"l3_proto":"ip4","src_ip":"85.47.224.171","dst_ip":"90.111.212.50","src_port":16312,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":504,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":498,"flow_packet_id":1,"flow_src_last_pkt_time":1686630430100534,"flow_dst_last_pkt_time":1686630430100534,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686630430100534,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+f8pAADQRrQJVL+CrWm\/UMj+4AasAKhXRAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":504,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":498,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630430100534,"flow_src_last_pkt_time":1686630430100534,"flow_dst_last_pkt_time":1686630430100534,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630430100534,"l3_proto":"ip4","src_ip":"85.47.224.171","dst_ip":"90.111.212.50","src_port":16312,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":505,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":499,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630458164673,"flow_src_last_pkt_time":1686630458164673,"flow_dst_last_pkt_time":1686630458164673,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630458164673,"l3_proto":"ip4","src_ip":"170.243.40.186","dst_ip":"165.114.202.61","src_port":35528,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":505,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":499,"flow_packet_id":1,"flow_src_last_pkt_time":1686630458164673,"flow_dst_last_pkt_time":1686630458164673,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686630458164673,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+D4ZAADQRHSyq8yi6pXLKPYrIAasAKsqlAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":505,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":499,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630458164673,"flow_src_last_pkt_time":1686630458164673,"flow_dst_last_pkt_time":1686630458164673,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630458164673,"l3_proto":"ip4","src_ip":"170.243.40.186","dst_ip":"165.114.202.61","src_port":35528,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":497,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630406259808,"flow_src_last_pkt_time":1686630406259808,"flow_dst_last_pkt_time":1686630406259808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630458164673,"l3_proto":"ip4","src_ip":"170.18.87.162","dst_ip":"186.112.202.53","src_port":58469,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":506,"packets-processed":505,"total-skipped-flows":0,"total-l4-payload-len":25649,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":499,"total-detection-updates":0,"total-updates":89,"current-active-flows":3,"total-active-flows":499,"total-idle-flows":496,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2411,"global_ts_usec":1686630725136169} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":500,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630725136169,"flow_src_last_pkt_time":1686630725136169,"flow_dst_last_pkt_time":1686630725136169,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630725136169,"l3_proto":"ip4","src_ip":"74.239.16.156","dst_ip":"90.145.180.58","src_port":46464,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":500,"flow_packet_id":1,"flow_src_last_pkt_time":1686630725136169,"flow_dst_last_pkt_time":1686630725136169,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686630725136169,"pkt":"bs1PogZtPJTVQTiBCABFAAA+gpBAADQRqlxK7xCcWpG0OrWAAasAKqAoAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":500,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630725136169,"flow_src_last_pkt_time":1686630725136169,"flow_dst_last_pkt_time":1686630725136169,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630725136169,"l3_proto":"ip4","src_ip":"74.239.16.156","dst_ip":"90.145.180.58","src_port":46464,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":498,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630430100534,"flow_src_last_pkt_time":1686630430100534,"flow_dst_last_pkt_time":1686630430100534,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630725136169,"l3_proto":"ip4","src_ip":"85.47.224.171","dst_ip":"90.111.212.50","src_port":16312,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":497,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630406259808,"flow_src_last_pkt_time":1686630406259808,"flow_dst_last_pkt_time":1686630406259808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630725136169,"l3_proto":"ip4","src_ip":"170.18.87.162","dst_ip":"186.112.202.53","src_port":58469,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":499,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630458164673,"flow_src_last_pkt_time":1686630458164673,"flow_dst_last_pkt_time":1686630458164673,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630725136169,"l3_proto":"ip4","src_ip":"170.243.40.186","dst_ip":"165.114.202.61","src_port":35528,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":507,"packets-processed":506,"total-skipped-flows":0,"total-l4-payload-len":25683,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":500,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":500,"total-idle-flows":499,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2418,"global_ts_usec":1686633699223089} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":501,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686633699223089,"flow_src_last_pkt_time":1686633699223089,"flow_dst_last_pkt_time":1686633699223089,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686633699223089,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":46588,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":501,"flow_packet_id":1,"flow_src_last_pkt_time":1686633699223089,"flow_dst_last_pkt_time":1686633699223089,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686633699223089,"pkt":"AAwp30Y4PJTVQTiBCABFCABL7LwAACIR3egjAGRzpZBUPrX8AasAN2vDAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":501,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686633699223089,"flow_src_last_pkt_time":1686633699223089,"flow_dst_last_pkt_time":1686633699223089,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686633699223089,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":46588,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":508,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":500,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630725136169,"flow_src_last_pkt_time":1686630725136169,"flow_dst_last_pkt_time":1686630725136169,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686633699223089,"l3_proto":"ip4","src_ip":"74.239.16.156","dst_ip":"90.145.180.58","src_port":46464,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":508,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":508,"packets-processed":507,"total-skipped-flows":0,"total-l4-payload-len":25730,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":501,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":501,"total-idle-flows":500,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2423,"global_ts_usec":1686635615867515} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":508,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":502,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686635615867515,"flow_src_last_pkt_time":1686635615867515,"flow_dst_last_pkt_time":1686635615867515,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686635615867515,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.147.171.51","src_port":17542,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":508,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":502,"flow_packet_id":1,"flow_src_last_pkt_time":1686635615867515,"flow_dst_last_pkt_time":1686635615867515,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686635615867515,"pkt":"AAwp30Y4PJTVQTiBCABFCABLHKcAACQRp8jjhlHUWpOrM0SGAasAN9kDAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":508,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":502,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686635615867515,"flow_src_last_pkt_time":1686635615867515,"flow_dst_last_pkt_time":1686635615867515,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686635615867515,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.147.171.51","src_port":17542,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":501,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686633699223089,"flow_src_last_pkt_time":1686633699223089,"flow_dst_last_pkt_time":1686633699223089,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686635615867515,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":46588,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":509,"packets-processed":508,"total-skipped-flows":0,"total-l4-payload-len":25777,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":502,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":502,"total-idle-flows":501,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2428,"global_ts_usec":1686645708313834} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":503,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686645708313834,"flow_src_last_pkt_time":1686645708313834,"flow_dst_last_pkt_time":1686645708313834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686645708313834,"l3_proto":"ip4","src_ip":"93.36.35.136","dst_ip":"165.114.202.61","src_port":56600,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":503,"flow_packet_id":1,"flow_src_last_pkt_time":1686645708313834,"flow_dst_last_pkt_time":1686645708313834,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686645708313834,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbhVdJCOIpXLKPd0YAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":503,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686645708313834,"flow_src_last_pkt_time":1686645708313834,"flow_dst_last_pkt_time":1686645708313834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686645708313834,"l3_proto":"ip4","src_ip":"93.36.35.136","dst_ip":"165.114.202.61","src_port":56600,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":510,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":502,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686635615867515,"flow_src_last_pkt_time":1686635615867515,"flow_dst_last_pkt_time":1686635615867515,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686645708313834,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.147.171.51","src_port":17542,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":510,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":510,"packets-processed":509,"total-skipped-flows":0,"total-l4-payload-len":25806,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":503,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":503,"total-idle-flows":502,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2433,"global_ts_usec":1686648509180305} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":510,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":504,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686648509180305,"flow_src_last_pkt_time":1686648509180305,"flow_dst_last_pkt_time":1686648509180305,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686648509180305,"l3_proto":"ip4","src_ip":"76.50.135.245","dst_ip":"90.141.37.56","src_port":51836,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":510,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":504,"flow_packet_id":1,"flow_src_last_pkt_time":1686648509180305,"flow_dst_last_pkt_time":1686648509180305,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686648509180305,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPoRXu5MMof1Wo0lOMp8AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":510,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":504,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686648509180305,"flow_src_last_pkt_time":1686648509180305,"flow_dst_last_pkt_time":1686648509180305,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686648509180305,"l3_proto":"ip4","src_ip":"76.50.135.245","dst_ip":"90.141.37.56","src_port":51836,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":511,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":503,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686645708313834,"flow_src_last_pkt_time":1686645708313834,"flow_dst_last_pkt_time":1686645708313834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686648509180305,"l3_proto":"ip4","src_ip":"93.36.35.136","dst_ip":"165.114.202.61","src_port":56600,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":511,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":505,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686648822385793,"flow_src_last_pkt_time":1686648822385793,"flow_dst_last_pkt_time":1686648822385793,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686648822385793,"l3_proto":"ip4","src_ip":"69.36.231.230","dst_ip":"69.109.187.54","src_port":55374,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":511,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":505,"flow_packet_id":1,"flow_src_last_pkt_time":1686648822385793,"flow_dst_last_pkt_time":1686648822385793,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686648822385793,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPoRbOVFJOfmRW27NthOAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":511,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":505,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686648822385793,"flow_src_last_pkt_time":1686648822385793,"flow_dst_last_pkt_time":1686648822385793,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686648822385793,"l3_proto":"ip4","src_ip":"69.36.231.230","dst_ip":"69.109.187.54","src_port":55374,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":512,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":504,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686648509180305,"flow_src_last_pkt_time":1686648509180305,"flow_dst_last_pkt_time":1686648509180305,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686648822385793,"l3_proto":"ip4","src_ip":"76.50.135.245","dst_ip":"90.141.37.56","src_port":51836,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":512,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":512,"packets-processed":511,"total-skipped-flows":0,"total-l4-payload-len":25864,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":505,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":505,"total-idle-flows":504,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2442,"global_ts_usec":1686659729108378} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":512,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":506,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686659729108378,"flow_src_last_pkt_time":1686659729108378,"flow_dst_last_pkt_time":1686659729108378,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686659729108378,"l3_proto":"ip4","src_ip":"122.122.167.9","dst_ip":"90.141.37.56","src_port":43646,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":512,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":506,"flow_packet_id":1,"flow_src_last_pkt_time":1686659729108378,"flow_dst_last_pkt_time":1686659729108378,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686659729108378,"pkt":"3jHC4dyOPJTVQTiBCABFCABSFQsAAO0Rd7F6eqcJWo0lOKp+AasAPpZZAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":512,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":506,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686659729108378,"flow_src_last_pkt_time":1686659729108378,"flow_dst_last_pkt_time":1686659729108378,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686659729108378,"l3_proto":"ip4","src_ip":"122.122.167.9","dst_ip":"90.141.37.56","src_port":43646,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":505,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686648822385793,"flow_src_last_pkt_time":1686648822385793,"flow_dst_last_pkt_time":1686648822385793,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686659729108378,"l3_proto":"ip4","src_ip":"69.36.231.230","dst_ip":"69.109.187.54","src_port":55374,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":513,"packets-processed":512,"total-skipped-flows":0,"total-l4-payload-len":25918,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":506,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":506,"total-idle-flows":505,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2447,"global_ts_usec":1686665626336271} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":507,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686665626336271,"flow_src_last_pkt_time":1686665626336271,"flow_dst_last_pkt_time":1686665626336271,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686665626336271,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":48498,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":507,"flow_packet_id":1,"flow_src_last_pkt_time":1686665626336271,"flow_dst_last_pkt_time":1686665626336271,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686665626336271,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLHIH5CepXLKPb1yAasAJSz9AgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":507,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686665626336271,"flow_src_last_pkt_time":1686665626336271,"flow_dst_last_pkt_time":1686665626336271,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686665626336271,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":48498,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":514,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":506,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686659729108378,"flow_src_last_pkt_time":1686659729108378,"flow_dst_last_pkt_time":1686659729108378,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686665626336271,"l3_proto":"ip4","src_ip":"122.122.167.9","dst_ip":"90.141.37.56","src_port":43646,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":514,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":514,"packets-processed":513,"total-skipped-flows":0,"total-l4-payload-len":25947,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":507,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":507,"total-idle-flows":506,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2452,"global_ts_usec":1686666893687687} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":514,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":508,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686666893687687,"flow_src_last_pkt_time":1686666893687687,"flow_dst_last_pkt_time":1686666893687687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686666893687687,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":35848,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":514,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":508,"flow_packet_id":1,"flow_src_last_pkt_time":1686666893687687,"flow_dst_last_pkt_time":1686666893687687,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686666893687687,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPURKLTIH5CeWpG0OowIAasAJV5qAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":514,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":508,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686666893687687,"flow_src_last_pkt_time":1686666893687687,"flow_dst_last_pkt_time":1686666893687687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686666893687687,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":35848,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":515,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":507,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686665626336271,"flow_src_last_pkt_time":1686665626336271,"flow_dst_last_pkt_time":1686665626336271,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686666893687687,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":48498,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":515,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":509,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686666997632966,"flow_src_last_pkt_time":1686666997632966,"flow_dst_last_pkt_time":1686666997632966,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686666997632966,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":38264,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":515,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":509,"flow_packet_id":1,"flow_src_last_pkt_time":1686666997632966,"flow_dst_last_pkt_time":1686666997632966,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686666997632966,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPURKLrIH5CeRW27NpV4AasAJVUAAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":515,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":509,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686666997632966,"flow_src_last_pkt_time":1686666997632966,"flow_dst_last_pkt_time":1686666997632966,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686666997632966,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":38264,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":516,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":508,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686666893687687,"flow_src_last_pkt_time":1686666893687687,"flow_dst_last_pkt_time":1686666893687687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686666997632966,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":35848,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":516,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":516,"packets-processed":515,"total-skipped-flows":0,"total-l4-payload-len":26005,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":509,"total-detection-updates":0,"total-updates":90,"current-active-flows":2,"total-active-flows":509,"total-idle-flows":507,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2461,"global_ts_usec":1686668729813725} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":516,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":510,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686668729813725,"flow_src_last_pkt_time":1686668729813725,"flow_dst_last_pkt_time":1686668729813725,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686668729813725,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":49404,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":516,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":510,"flow_packet_id":1,"flow_src_last_pkt_time":1686668729813725,"flow_dst_last_pkt_time":1686668729813725,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686668729813725,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPURKLbIH5CeVW80OcD8AasAJSl4AgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":516,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":510,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686668729813725,"flow_src_last_pkt_time":1686668729813725,"flow_dst_last_pkt_time":1686668729813725,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686668729813725,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":49404,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":517,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":509,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686666997632966,"flow_src_last_pkt_time":1686666997632966,"flow_dst_last_pkt_time":1686666997632966,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686668729813725,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":38264,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":517,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":508,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686666893687687,"flow_src_last_pkt_time":1686666893687687,"flow_dst_last_pkt_time":1686666893687687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686668729813725,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":35848,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":517,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":511,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686668903038990,"flow_src_last_pkt_time":1686668903038990,"flow_dst_last_pkt_time":1686668903038990,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686668903038990,"l3_proto":"ip4","src_ip":"239.131.160.152","dst_ip":"90.147.171.51","src_port":40653,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":517,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":511,"flow_packet_id":1,"flow_src_last_pkt_time":1686668903038990,"flow_dst_last_pkt_time":1686668903038990,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686668903038990,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpTfvg6CYWpOrM57NAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":517,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":511,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686668903038990,"flow_src_last_pkt_time":1686668903038990,"flow_dst_last_pkt_time":1686668903038990,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686668903038990,"l3_proto":"ip4","src_ip":"239.131.160.152","dst_ip":"90.147.171.51","src_port":40653,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":518,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":510,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686668729813725,"flow_src_last_pkt_time":1686668729813725,"flow_dst_last_pkt_time":1686668729813725,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686668903038990,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":49404,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":518,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":518,"packets-processed":517,"total-skipped-flows":0,"total-l4-payload-len":26132,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":511,"total-detection-updates":0,"total-updates":91,"current-active-flows":2,"total-active-flows":511,"total-idle-flows":509,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2471,"global_ts_usec":1686669522645622} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":518,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":512,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686669522645622,"flow_src_last_pkt_time":1686669522645622,"flow_dst_last_pkt_time":1686669522645622,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686669522645622,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":33216,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":518,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":512,"flow_packet_id":1,"flow_src_last_pkt_time":1686669522645622,"flow_dst_last_pkt_time":1686669522645622,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686669522645622,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLLIH5CepZBUPoHAAasAJWiwAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":518,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":512,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686669522645622,"flow_src_last_pkt_time":1686669522645622,"flow_dst_last_pkt_time":1686669522645622,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686669522645622,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":33216,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":519,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":510,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686668729813725,"flow_src_last_pkt_time":1686668729813725,"flow_dst_last_pkt_time":1686668729813725,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686669522645622,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":49404,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":519,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":511,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686668903038990,"flow_src_last_pkt_time":1686668903038990,"flow_dst_last_pkt_time":1686668903038990,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686669522645622,"l3_proto":"ip4","src_ip":"239.131.160.152","dst_ip":"90.147.171.51","src_port":40653,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":519,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":513,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686669776235316,"flow_src_last_pkt_time":1686669776235316,"flow_dst_last_pkt_time":1686669776235316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686669776235316,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":42236,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":519,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":513,"flow_packet_id":1,"flow_src_last_pkt_time":1686669776235316,"flow_dst_last_pkt_time":1686669776235316,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686669776235316,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKL3IH5CeWpOrM6T8AasAJUV\/AgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":519,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":513,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686669776235316,"flow_src_last_pkt_time":1686669776235316,"flow_dst_last_pkt_time":1686669776235316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686669776235316,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":42236,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":520,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":512,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686669522645622,"flow_src_last_pkt_time":1686669522645622,"flow_dst_last_pkt_time":1686669522645622,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686669776235316,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":33216,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":520,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":514,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686669802055928,"flow_src_last_pkt_time":1686669802055928,"flow_dst_last_pkt_time":1686669802055928,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686669802055928,"l3_proto":"ip4","src_ip":"237.132.176.136","dst_ip":"74.111.203.55","src_port":51278,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":520,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":514,"flow_packet_id":1,"flow_src_last_pkt_time":1686669802055928,"flow_dst_last_pkt_time":1686669802055928,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686669802055928,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAPIRpSnthLCISm\/LN8hOAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":520,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":514,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686669802055928,"flow_src_last_pkt_time":1686669802055928,"flow_dst_last_pkt_time":1686669802055928,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686669802055928,"l3_proto":"ip4","src_ip":"237.132.176.136","dst_ip":"74.111.203.55","src_port":51278,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":521,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":521,"packets-processed":520,"total-skipped-flows":0,"total-l4-payload-len":26288,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":514,"total-detection-updates":0,"total-updates":91,"current-active-flows":2,"total-active-flows":514,"total-idle-flows":512,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2484,"global_ts_usec":1686670236730839} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":521,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":515,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686670236730839,"flow_src_last_pkt_time":1686670236730839,"flow_dst_last_pkt_time":1686670236730839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686670236730839,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"186.112.202.53","src_port":50377,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":521,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":515,"flow_packet_id":1,"flow_src_last_pkt_time":1686670236730839,"flow_dst_last_pkt_time":1686670236730839,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686670236730839,"pkt":"xmjqc4OdPJTVQTiBCABFAAB+1DEAAPMRCZP2S2hzunDKNcTJAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":521,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":515,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686670236730839,"flow_src_last_pkt_time":1686670236730839,"flow_dst_last_pkt_time":1686670236730839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686670236730839,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"186.112.202.53","src_port":50377,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":522,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":513,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686669776235316,"flow_src_last_pkt_time":1686669776235316,"flow_dst_last_pkt_time":1686669776235316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686670236730839,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":42236,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":522,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":514,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686669802055928,"flow_src_last_pkt_time":1686669802055928,"flow_dst_last_pkt_time":1686669802055928,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686670236730839,"l3_proto":"ip4","src_ip":"237.132.176.136","dst_ip":"74.111.203.55","src_port":51278,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":522,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":516,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686670733471596,"flow_src_last_pkt_time":1686670733471596,"flow_dst_last_pkt_time":1686670733471596,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686670733471596,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.144.84.62","src_port":51457,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":522,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":516,"flow_packet_id":1,"flow_src_last_pkt_time":1686670733471596,"flow_dst_last_pkt_time":1686670733471596,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686670733471596,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPARDMdGtG\/xpZBUPskBAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":522,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":516,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686670733471596,"flow_src_last_pkt_time":1686670733471596,"flow_dst_last_pkt_time":1686670733471596,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686670733471596,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.144.84.62","src_port":51457,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":523,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":515,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686670236730839,"flow_src_last_pkt_time":1686670236730839,"flow_dst_last_pkt_time":1686670236730839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686670733471596,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"186.112.202.53","src_port":50377,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":523,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":517,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686670830957645,"flow_src_last_pkt_time":1686670830957645,"flow_dst_last_pkt_time":1686670830957645,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686670830957645,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":48231,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":523,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":517,"flow_packet_id":1,"flow_src_last_pkt_time":1686670830957645,"flow_dst_last_pkt_time":1686670830957645,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686670830957645,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPURKLnIH5CeunDKNbxnAasAJS4QAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":523,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":517,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686670830957645,"flow_src_last_pkt_time":1686670830957645,"flow_dst_last_pkt_time":1686670830957645,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686670830957645,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":48231,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":524,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":516,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686670733471596,"flow_src_last_pkt_time":1686670733471596,"flow_dst_last_pkt_time":1686670733471596,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686670830957645,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.144.84.62","src_port":51457,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":524,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":524,"packets-processed":523,"total-skipped-flows":0,"total-l4-payload-len":26513,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":517,"total-detection-updates":0,"total-updates":92,"current-active-flows":2,"total-active-flows":517,"total-idle-flows":515,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2498,"global_ts_usec":1686671088394461} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":524,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":518,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686671088394461,"flow_src_last_pkt_time":1686671088394461,"flow_dst_last_pkt_time":1686671088394461,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686671088394461,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":55658,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":524,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":518,"flow_packet_id":1,"flow_src_last_pkt_time":1686671088394461,"flow_dst_last_pkt_time":1686671088394461,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686671088394461,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPURKLvIH5CeSm\/LN9lqAasAJREPAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":524,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":518,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686671088394461,"flow_src_last_pkt_time":1686671088394461,"flow_dst_last_pkt_time":1686671088394461,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686671088394461,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":55658,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":525,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":517,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686670830957645,"flow_src_last_pkt_time":1686670830957645,"flow_dst_last_pkt_time":1686670830957645,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686671088394461,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":48231,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":525,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":516,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686670733471596,"flow_src_last_pkt_time":1686670733471596,"flow_dst_last_pkt_time":1686670733471596,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686671088394461,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.144.84.62","src_port":51457,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":525,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":519,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686671667122633,"flow_src_last_pkt_time":1686671667122633,"flow_dst_last_pkt_time":1686671667122633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686671667122633,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"90.111.212.50","src_port":58316,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00647{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":525,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":519,"flow_packet_id":1,"flow_src_last_pkt_time":1686671667122633,"flow_dst_last_pkt_time":1686671667122633,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686671667122633,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPARDNFGtG\/xWm\/UMuPMAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":525,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":519,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686671667122633,"flow_src_last_pkt_time":1686671667122633,"flow_dst_last_pkt_time":1686671667122633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686671667122633,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"90.111.212.50","src_port":58316,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":526,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":518,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686671088394461,"flow_src_last_pkt_time":1686671088394461,"flow_dst_last_pkt_time":1686671088394461,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686671667122633,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":55658,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":526,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":526,"packets-processed":525,"total-skipped-flows":0,"total-l4-payload-len":26640,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":519,"total-detection-updates":0,"total-updates":92,"current-active-flows":1,"total-active-flows":519,"total-idle-flows":518,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2508,"global_ts_usec":1686672644862134} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":526,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":520,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686672644862134,"flow_src_last_pkt_time":1686672644862134,"flow_dst_last_pkt_time":1686672644862134,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686672644862134,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":45270,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":526,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":520,"flow_packet_id":1,"flow_src_last_pkt_time":1686672644862134,"flow_dst_last_pkt_time":1686672644862134,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686672644862134,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLzIH5CeWm\/UMrDWAasAJTmkAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":526,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":520,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686672644862134,"flow_src_last_pkt_time":1686672644862134,"flow_dst_last_pkt_time":1686672644862134,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686672644862134,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":45270,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":527,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":519,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686671667122633,"flow_src_last_pkt_time":1686671667122633,"flow_dst_last_pkt_time":1686671667122633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686672644862134,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"90.111.212.50","src_port":58316,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":527,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":527,"packets-processed":526,"total-skipped-flows":0,"total-l4-payload-len":26669,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":520,"total-detection-updates":0,"total-updates":92,"current-active-flows":1,"total-active-flows":520,"total-idle-flows":519,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2513,"global_ts_usec":1686675995117787} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":527,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":521,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686675995117787,"flow_src_last_pkt_time":1686675995117787,"flow_dst_last_pkt_time":1686675995117787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686675995117787,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"69.109.187.54","src_port":54554,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":527,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":521,"flow_packet_id":1,"flow_src_last_pkt_time":1686675995117787,"flow_dst_last_pkt_time":1686675995117787,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686675995117787,"pkt":"bpHurUgdPJTVQTiBCABFAAB+1DEAAPMRCZPItJByRW27NtUaAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":527,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":521,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686675995117787,"flow_src_last_pkt_time":1686675995117787,"flow_dst_last_pkt_time":1686675995117787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686675995117787,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"69.109.187.54","src_port":54554,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":528,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":520,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686672644862134,"flow_src_last_pkt_time":1686672644862134,"flow_dst_last_pkt_time":1686672644862134,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686675995117787,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":45270,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":528,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":522,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686676477972093,"flow_src_last_pkt_time":1686676477972093,"flow_dst_last_pkt_time":1686676477972093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686676477972093,"l3_proto":"ip4","src_ip":"208.123.176.154","dst_ip":"85.111.52.57","src_port":56229,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":528,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":522,"flow_packet_id":1,"flow_src_last_pkt_time":1686676477972093,"flow_dst_last_pkt_time":1686676477972093,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686676477972093,"pkt":"moT+\/Ph8PJTVQTiBCABFAAB+1DEAAPIRpS7Qe7CaVW80OdulAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":528,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":522,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686676477972093,"flow_src_last_pkt_time":1686676477972093,"flow_dst_last_pkt_time":1686676477972093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686676477972093,"l3_proto":"ip4","src_ip":"208.123.176.154","dst_ip":"85.111.52.57","src_port":56229,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":529,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":521,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686675995117787,"flow_src_last_pkt_time":1686675995117787,"flow_dst_last_pkt_time":1686675995117787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686676477972093,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"69.109.187.54","src_port":54554,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":529,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":523,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686676562888350,"flow_src_last_pkt_time":1686676562888350,"flow_dst_last_pkt_time":1686676562888350,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686676562888350,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.141.37.56","src_port":57365,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":529,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":523,"flow_packet_id":1,"flow_src_last_pkt_time":1686676562888350,"flow_dst_last_pkt_time":1686676562888350,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686676562888350,"pkt":"3jHC4dyOPJTVQTiBCABFAAB+1DEAAPMRCZH2S2hzWo0lOOAVAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":529,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":523,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686676562888350,"flow_src_last_pkt_time":1686676562888350,"flow_dst_last_pkt_time":1686676562888350,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686676562888350,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.141.37.56","src_port":57365,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":530,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":522,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686676477972093,"flow_src_last_pkt_time":1686676477972093,"flow_dst_last_pkt_time":1686676477972093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686676562888350,"l3_proto":"ip4","src_ip":"208.123.176.154","dst_ip":"85.111.52.57","src_port":56229,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":530,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":530,"packets-processed":529,"total-skipped-flows":0,"total-l4-payload-len":26963,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":523,"total-detection-updates":0,"total-updates":93,"current-active-flows":2,"total-active-flows":523,"total-idle-flows":521,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2526,"global_ts_usec":1686680332589205} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":530,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":524,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686680332589205,"flow_src_last_pkt_time":1686680332589205,"flow_dst_last_pkt_time":1686680332589205,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686680332589205,"l3_proto":"ip4","src_ip":"194.23.249.243","dst_ip":"74.111.203.55","src_port":54741,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":530,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":524,"flow_packet_id":1,"flow_src_last_pkt_time":1686680332589205,"flow_dst_last_pkt_time":1686680332589205,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686680332589205,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPkRbdzCF\/nzSm\/LN9XVAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":530,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":524,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686680332589205,"flow_src_last_pkt_time":1686680332589205,"flow_dst_last_pkt_time":1686680332589205,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686680332589205,"l3_proto":"ip4","src_ip":"194.23.249.243","dst_ip":"74.111.203.55","src_port":54741,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":522,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686676477972093,"flow_src_last_pkt_time":1686676477972093,"flow_dst_last_pkt_time":1686676477972093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686680332589205,"l3_proto":"ip4","src_ip":"208.123.176.154","dst_ip":"85.111.52.57","src_port":56229,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":523,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686676562888350,"flow_src_last_pkt_time":1686676562888350,"flow_dst_last_pkt_time":1686676562888350,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686680332589205,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.141.37.56","src_port":57365,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":531,"packets-processed":530,"total-skipped-flows":0,"total-l4-payload-len":26992,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":524,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":524,"total-idle-flows":523,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2532,"global_ts_usec":1686682695732816} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":525,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686682695732816,"flow_src_last_pkt_time":1686682695732816,"flow_dst_last_pkt_time":1686682695732816,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686682695732816,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"165.144.84.62","src_port":53358,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":525,"flow_packet_id":1,"flow_src_last_pkt_time":1686682695732816,"flow_dst_last_pkt_time":1686682695732816,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686682695732816,"pkt":"AAwp30Y4PJTVQTiBCABFAABL3fsAACcR9RylgP10pZBUPtBuAasAN168AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":525,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686682695732816,"flow_src_last_pkt_time":1686682695732816,"flow_dst_last_pkt_time":1686682695732816,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686682695732816,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"165.144.84.62","src_port":53358,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":524,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686680332589205,"flow_src_last_pkt_time":1686680332589205,"flow_dst_last_pkt_time":1686680332589205,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686682695732816,"l3_proto":"ip4","src_ip":"194.23.249.243","dst_ip":"74.111.203.55","src_port":54741,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":532,"packets-processed":531,"total-skipped-flows":0,"total-l4-payload-len":27039,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":525,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":525,"total-idle-flows":524,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2537,"global_ts_usec":1686684959984610} +00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":526,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686684959984610,"flow_src_last_pkt_time":1686684959984610,"flow_dst_last_pkt_time":1686684959984610,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686684959984610,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"186.112.202.53","src_port":11982,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":526,"flow_packet_id":1,"flow_src_last_pkt_time":1686684959984610,"flow_dst_last_pkt_time":1686684959984610,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686684959984610,"pkt":"xmjqc4OdPJTVQTiBCABFAABLbxIAACcRZBadePx7unDKNS7OAasANwBtAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01074{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":526,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686684959984610,"flow_src_last_pkt_time":1686684959984610,"flow_dst_last_pkt_time":1686684959984610,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686684959984610,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"186.112.202.53","src_port":11982,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":533,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":525,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686682695732816,"flow_src_last_pkt_time":1686682695732816,"flow_dst_last_pkt_time":1686682695732816,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686684959984610,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"165.144.84.62","src_port":53358,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":533,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":533,"packets-processed":532,"total-skipped-flows":0,"total-l4-payload-len":27086,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":526,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":526,"total-idle-flows":525,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2542,"global_ts_usec":1686700828543151} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":533,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":527,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686700828543151,"flow_src_last_pkt_time":1686700828543151,"flow_dst_last_pkt_time":1686700828543151,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686700828543151,"l3_proto":"ip4","src_ip":"79.210.95.146","dst_ip":"165.114.202.61","src_port":54728,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":533,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":527,"flow_packet_id":1,"flow_src_last_pkt_time":1686700828543151,"flow_dst_last_pkt_time":1686700828543151,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686700828543151,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRYDBP0l+SpXLKPdXIAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":533,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":527,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686700828543151,"flow_src_last_pkt_time":1686700828543151,"flow_dst_last_pkt_time":1686700828543151,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686700828543151,"l3_proto":"ip4","src_ip":"79.210.95.146","dst_ip":"165.114.202.61","src_port":54728,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":534,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":526,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686684959984610,"flow_src_last_pkt_time":1686684959984610,"flow_dst_last_pkt_time":1686684959984610,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686700828543151,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"186.112.202.53","src_port":11982,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":534,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":534,"packets-processed":533,"total-skipped-flows":0,"total-l4-payload-len":27115,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":527,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":527,"total-idle-flows":526,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2547,"global_ts_usec":1686703749016048} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":534,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":528,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686703749016048,"flow_src_last_pkt_time":1686703749016048,"flow_dst_last_pkt_time":1686703749016048,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686703749016048,"l3_proto":"ip4","src_ip":"185.31.153.50","dst_ip":"186.112.202.53","src_port":50851,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":534,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":528,"flow_packet_id":1,"flow_src_last_pkt_time":1686703749016048,"flow_dst_last_pkt_time":1686703749016048,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686703749016048,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPoRbFq5H5kyunDKNcajAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":534,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":528,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686703749016048,"flow_src_last_pkt_time":1686703749016048,"flow_dst_last_pkt_time":1686703749016048,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686703749016048,"l3_proto":"ip4","src_ip":"185.31.153.50","dst_ip":"186.112.202.53","src_port":50851,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":535,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":527,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686700828543151,"flow_src_last_pkt_time":1686700828543151,"flow_dst_last_pkt_time":1686700828543151,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686703749016048,"l3_proto":"ip4","src_ip":"79.210.95.146","dst_ip":"165.114.202.61","src_port":54728,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":535,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":535,"packets-processed":534,"total-skipped-flows":0,"total-l4-payload-len":27144,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":528,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":528,"total-idle-flows":527,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2552,"global_ts_usec":1686704612212174} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":535,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":529,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686704612212174,"flow_src_last_pkt_time":1686704612212174,"flow_dst_last_pkt_time":1686704612212174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686704612212174,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"90.141.37.56","src_port":34795,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":535,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":529,"flow_packet_id":1,"flow_src_last_pkt_time":1686704612212174,"flow_dst_last_pkt_time":1686704612212174,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686704612212174,"pkt":"3jHC4dyOPJTVQTiBCABFAABLT2YAACcRg7wid3p+Wo0lOIfrAasAN6dJAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":535,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":529,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686704612212174,"flow_src_last_pkt_time":1686704612212174,"flow_dst_last_pkt_time":1686704612212174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686704612212174,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"90.141.37.56","src_port":34795,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":536,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":528,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686703749016048,"flow_src_last_pkt_time":1686703749016048,"flow_dst_last_pkt_time":1686703749016048,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686704612212174,"l3_proto":"ip4","src_ip":"185.31.153.50","dst_ip":"186.112.202.53","src_port":50851,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":536,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":536,"packets-processed":535,"total-skipped-flows":0,"total-l4-payload-len":27191,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":529,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":529,"total-idle-flows":528,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2557,"global_ts_usec":1686705292730193} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":536,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":530,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686705292730193,"flow_src_last_pkt_time":1686705292730193,"flow_dst_last_pkt_time":1686705292730193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686705292730193,"l3_proto":"ip4","src_ip":"253.112.232.91","dst_ip":"69.109.187.54","src_port":40051,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":536,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":530,"flow_packet_id":1,"flow_src_last_pkt_time":1686705292730193,"flow_dst_last_pkt_time":1686705292730193,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686705292730193,"pkt":"bpHurUgdPJTVQTiBCABFAABSlN0AAPMR8Cz9cOhbRW27NpxzAasAPqKqAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":536,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":530,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686705292730193,"flow_src_last_pkt_time":1686705292730193,"flow_dst_last_pkt_time":1686705292730193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686705292730193,"l3_proto":"ip4","src_ip":"253.112.232.91","dst_ip":"69.109.187.54","src_port":40051,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":537,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":529,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686704612212174,"flow_src_last_pkt_time":1686704612212174,"flow_dst_last_pkt_time":1686704612212174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686705292730193,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"90.141.37.56","src_port":34795,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":537,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":537,"packets-processed":536,"total-skipped-flows":0,"total-l4-payload-len":27245,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":530,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":530,"total-idle-flows":529,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2562,"global_ts_usec":1686709262177735} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":537,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":531,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686709262177735,"flow_src_last_pkt_time":1686709262177735,"flow_dst_last_pkt_time":1686709262177735,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686709262177735,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.111.212.50","src_port":47719,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":537,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":531,"flow_packet_id":1,"flow_src_last_pkt_time":1686709262177735,"flow_dst_last_pkt_time":1686709262177735,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686709262177735,"pkt":"AAwp30Y4PJTVQTiBCABFAABLpjwAACcRLOViZ\/1zWm\/UMrpnAasAN3TMAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":537,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":531,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686709262177735,"flow_src_last_pkt_time":1686709262177735,"flow_dst_last_pkt_time":1686709262177735,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686709262177735,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.111.212.50","src_port":47719,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":538,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":530,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686705292730193,"flow_src_last_pkt_time":1686705292730193,"flow_dst_last_pkt_time":1686705292730193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686709262177735,"l3_proto":"ip4","src_ip":"253.112.232.91","dst_ip":"69.109.187.54","src_port":40051,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":538,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":532,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686709804807056,"flow_src_last_pkt_time":1686709804807056,"flow_dst_last_pkt_time":1686709804807056,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686709804807056,"l3_proto":"ip4","src_ip":"228.255.84.119","dst_ip":"74.111.203.55","src_port":61523,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00577{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":538,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":532,"flow_packet_id":1,"flow_src_last_pkt_time":1686709804807056,"flow_dst_last_pkt_time":1686709804807056,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686709804807056,"pkt":"ipffLU2SPJTVQTiBCABFCABL1UgAACER9mnk\/1R3Sm\/LN\/BTAasANzF5AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":538,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":532,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686709804807056,"flow_src_last_pkt_time":1686709804807056,"flow_dst_last_pkt_time":1686709804807056,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686709804807056,"l3_proto":"ip4","src_ip":"228.255.84.119","dst_ip":"74.111.203.55","src_port":61523,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":539,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":531,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686709262177735,"flow_src_last_pkt_time":1686709262177735,"flow_dst_last_pkt_time":1686709262177735,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686709804807056,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.111.212.50","src_port":47719,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":539,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":539,"packets-processed":538,"total-skipped-flows":0,"total-l4-payload-len":27339,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":532,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":532,"total-idle-flows":531,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2571,"global_ts_usec":1686713625992470} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":539,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":533,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686713625992470,"flow_src_last_pkt_time":1686713625992470,"flow_dst_last_pkt_time":1686713625992470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686713625992470,"l3_proto":"ip4","src_ip":"178.240.255.34","dst_ip":"69.109.187.54","src_port":54964,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":539,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":533,"flow_packet_id":1,"flow_src_last_pkt_time":1686713625992470,"flow_dst_last_pkt_time":1686713625992470,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686713625992470,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPoRXoSy8P8iRW27Nta0AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":539,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":533,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686713625992470,"flow_src_last_pkt_time":1686713625992470,"flow_dst_last_pkt_time":1686713625992470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686713625992470,"l3_proto":"ip4","src_ip":"178.240.255.34","dst_ip":"69.109.187.54","src_port":54964,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":540,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":532,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686709804807056,"flow_src_last_pkt_time":1686709804807056,"flow_dst_last_pkt_time":1686709804807056,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686713625992470,"l3_proto":"ip4","src_ip":"228.255.84.119","dst_ip":"74.111.203.55","src_port":61523,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":540,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":534,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686713856291158,"flow_src_last_pkt_time":1686713856291158,"flow_dst_last_pkt_time":1686713856291158,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686713856291158,"l3_proto":"ip4","src_ip":"89.236.122.100","dst_ip":"90.145.180.58","src_port":51926,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":540,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":534,"flow_packet_id":1,"flow_src_last_pkt_time":1686713856291158,"flow_dst_last_pkt_time":1686713856291158,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686713856291158,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPkRbY1Z7HpkWpG0OsrWAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":540,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":534,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686713856291158,"flow_src_last_pkt_time":1686713856291158,"flow_dst_last_pkt_time":1686713856291158,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686713856291158,"l3_proto":"ip4","src_ip":"89.236.122.100","dst_ip":"90.145.180.58","src_port":51926,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":541,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":533,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686713625992470,"flow_src_last_pkt_time":1686713625992470,"flow_dst_last_pkt_time":1686713625992470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686713856291158,"l3_proto":"ip4","src_ip":"178.240.255.34","dst_ip":"69.109.187.54","src_port":54964,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":541,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":541,"packets-processed":540,"total-skipped-flows":0,"total-l4-payload-len":27397,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":534,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":534,"total-idle-flows":533,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2580,"global_ts_usec":1686714599962630} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":541,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":535,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686714599962630,"flow_src_last_pkt_time":1686714599962630,"flow_dst_last_pkt_time":1686714599962630,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686714599962630,"l3_proto":"ip4","src_ip":"154.129.123.124","dst_ip":"69.109.187.54","src_port":35057,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":541,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":535,"flow_packet_id":1,"flow_src_last_pkt_time":1686714599962630,"flow_dst_last_pkt_time":1686714599962630,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686714599962630,"pkt":"bpHurUgdPJTVQTiBCABFAABLYvQAACcRcDOagXt8RW27NojxAasAN6ZIAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":541,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":535,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686714599962630,"flow_src_last_pkt_time":1686714599962630,"flow_dst_last_pkt_time":1686714599962630,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686714599962630,"l3_proto":"ip4","src_ip":"154.129.123.124","dst_ip":"69.109.187.54","src_port":35057,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":542,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":534,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686713856291158,"flow_src_last_pkt_time":1686713856291158,"flow_dst_last_pkt_time":1686713856291158,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686714599962630,"l3_proto":"ip4","src_ip":"89.236.122.100","dst_ip":"90.145.180.58","src_port":51926,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":542,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":542,"packets-processed":541,"total-skipped-flows":0,"total-l4-payload-len":27444,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":535,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":535,"total-idle-flows":534,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2585,"global_ts_usec":1686715614560571} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":542,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":536,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686715614560571,"flow_src_last_pkt_time":1686715614560571,"flow_dst_last_pkt_time":1686715614560571,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686715614560571,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.111.212.50","src_port":61013,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":542,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":536,"flow_packet_id":1,"flow_src_last_pkt_time":1686715614560571,"flow_dst_last_pkt_time":1686715614560571,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686715614560571,"pkt":"AAwp30Y4PJTVQTiBCABFCABLxe4AACIRBL8j\/EVxWm\/UMu5VAasANzNyAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":542,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":536,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686715614560571,"flow_src_last_pkt_time":1686715614560571,"flow_dst_last_pkt_time":1686715614560571,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686715614560571,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.111.212.50","src_port":61013,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":543,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":535,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686714599962630,"flow_src_last_pkt_time":1686714599962630,"flow_dst_last_pkt_time":1686714599962630,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686715614560571,"l3_proto":"ip4","src_ip":"154.129.123.124","dst_ip":"69.109.187.54","src_port":35057,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":543,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":537,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686716172395855,"flow_src_last_pkt_time":1686716172395855,"flow_dst_last_pkt_time":1686716172395855,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686716172395855,"l3_proto":"ip4","src_ip":"94.210.194.31","dst_ip":"85.111.52.57","src_port":53432,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":543,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":537,"flow_packet_id":1,"flow_src_last_pkt_time":1686716172395855,"flow_dst_last_pkt_time":1686716172395855,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686716172395855,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRbTxe0sIfVW80OdC4AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":543,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":537,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686716172395855,"flow_src_last_pkt_time":1686716172395855,"flow_dst_last_pkt_time":1686716172395855,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686716172395855,"l3_proto":"ip4","src_ip":"94.210.194.31","dst_ip":"85.111.52.57","src_port":53432,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":544,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":536,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686715614560571,"flow_src_last_pkt_time":1686715614560571,"flow_dst_last_pkt_time":1686715614560571,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686716172395855,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.111.212.50","src_port":61013,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":544,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":544,"packets-processed":543,"total-skipped-flows":0,"total-l4-payload-len":27520,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":537,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":537,"total-idle-flows":536,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2594,"global_ts_usec":1686717273049688} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":544,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":538,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686717273049688,"flow_src_last_pkt_time":1686717273049688,"flow_dst_last_pkt_time":1686717273049688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686717273049688,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"90.111.212.50","src_port":16953,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":544,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":538,"flow_packet_id":1,"flow_src_last_pkt_time":1686717273049688,"flow_dst_last_pkt_time":1686717273049688,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686717273049688,"pkt":"AAwp30Y4PJTVQTiBCABFCABLtG0AACQRD\/vnJlLdWm\/UMkI5AasAN9tJAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":544,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":538,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686717273049688,"flow_src_last_pkt_time":1686717273049688,"flow_dst_last_pkt_time":1686717273049688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686717273049688,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"90.111.212.50","src_port":16953,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":545,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":537,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686716172395855,"flow_src_last_pkt_time":1686716172395855,"flow_dst_last_pkt_time":1686716172395855,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686717273049688,"l3_proto":"ip4","src_ip":"94.210.194.31","dst_ip":"85.111.52.57","src_port":53432,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":545,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":539,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686717773171081,"flow_src_last_pkt_time":1686717773171081,"flow_dst_last_pkt_time":1686717773171081,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686717773171081,"l3_proto":"ip4","src_ip":"88.31.110.219","dst_ip":"85.111.52.57","src_port":39592,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":545,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":539,"flow_packet_id":1,"flow_src_last_pkt_time":1686717773171081,"flow_dst_last_pkt_time":1686717773171081,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686717773171081,"pkt":"moT+\/Ph8PJTVQTiBCABFCABLaxoAACQRWUtYH27bVW80OZqoAasAN4LXAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":545,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":539,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686717773171081,"flow_src_last_pkt_time":1686717773171081,"flow_dst_last_pkt_time":1686717773171081,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686717773171081,"l3_proto":"ip4","src_ip":"88.31.110.219","dst_ip":"85.111.52.57","src_port":39592,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":546,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":538,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686717273049688,"flow_src_last_pkt_time":1686717273049688,"flow_dst_last_pkt_time":1686717273049688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686717773171081,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"90.111.212.50","src_port":16953,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":546,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":546,"packets-processed":545,"total-skipped-flows":0,"total-l4-payload-len":27614,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":539,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":539,"total-idle-flows":538,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2603,"global_ts_usec":1686720855584550} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":546,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":540,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686720855584550,"flow_src_last_pkt_time":1686720855584550,"flow_dst_last_pkt_time":1686720855584550,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686720855584550,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"69.109.187.54","src_port":4034,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":546,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":540,"flow_packet_id":1,"flow_src_last_pkt_time":1686720855584550,"flow_dst_last_pkt_time":1686720855584550,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686720855584550,"pkt":"bpHurUgdPJTVQTiBCABFCABLQSYAACQRg0fn33nVRW27Ng\/CAasANw3GAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":546,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":540,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686720855584550,"flow_src_last_pkt_time":1686720855584550,"flow_dst_last_pkt_time":1686720855584550,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686720855584550,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"69.109.187.54","src_port":4034,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":547,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":539,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686717773171081,"flow_src_last_pkt_time":1686717773171081,"flow_dst_last_pkt_time":1686717773171081,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686720855584550,"l3_proto":"ip4","src_ip":"88.31.110.219","dst_ip":"85.111.52.57","src_port":39592,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":547,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":547,"packets-processed":546,"total-skipped-flows":0,"total-l4-payload-len":27661,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":540,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":540,"total-idle-flows":539,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2608,"global_ts_usec":1686722365950548} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":547,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":541,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722365950548,"flow_src_last_pkt_time":1686722365950548,"flow_dst_last_pkt_time":1686722365950548,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722365950548,"l3_proto":"ip4","src_ip":"64.63.36.139","dst_ip":"165.114.202.61","src_port":49841,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":547,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":541,"flow_packet_id":1,"flow_src_last_pkt_time":1686722365950548,"flow_dst_last_pkt_time":1686722365950548,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686722365950548,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+bGJAADQRNItAPySLpXLKPcKxAasAKgb4AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":547,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":541,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722365950548,"flow_src_last_pkt_time":1686722365950548,"flow_dst_last_pkt_time":1686722365950548,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722365950548,"l3_proto":"ip4","src_ip":"64.63.36.139","dst_ip":"165.114.202.61","src_port":49841,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":548,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":540,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686720855584550,"flow_src_last_pkt_time":1686720855584550,"flow_dst_last_pkt_time":1686720855584550,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722365950548,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"69.109.187.54","src_port":4034,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":548,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":542,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722434456661,"flow_src_last_pkt_time":1686722434456661,"flow_dst_last_pkt_time":1686722434456661,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722434456661,"l3_proto":"ip4","src_ip":"71.191.53.138","dst_ip":"90.111.212.50","src_port":45513,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":548,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":542,"flow_packet_id":1,"flow_src_last_pkt_time":1686722434456661,"flow_dst_last_pkt_time":1686722434456661,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686722434456661,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+inlAADQRFn5HvzWKWm\/UMrHJAasAKhfqAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":548,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":542,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722434456661,"flow_src_last_pkt_time":1686722434456661,"flow_dst_last_pkt_time":1686722434456661,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722434456661,"l3_proto":"ip4","src_ip":"71.191.53.138","dst_ip":"90.111.212.50","src_port":45513,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01114{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":549,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":541,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722365950548,"flow_src_last_pkt_time":1686722365950548,"flow_dst_last_pkt_time":1686722365950548,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722434456661,"l3_proto":"ip4","src_ip":"64.63.36.139","dst_ip":"165.114.202.61","src_port":49841,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":549,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":543,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722723892485,"flow_src_last_pkt_time":1686722723892485,"flow_dst_last_pkt_time":1686722723892485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722723892485,"l3_proto":"ip4","src_ip":"64.63.52.142","dst_ip":"90.147.171.51","src_port":14637,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":549,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":543,"flow_packet_id":1,"flow_src_last_pkt_time":1686722723892485,"flow_dst_last_pkt_time":1686722723892485,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686722723892485,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+\/dxAADQRoxdAPzSOWpOrMzktAasAKpCDAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":549,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":543,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722723892485,"flow_src_last_pkt_time":1686722723892485,"flow_dst_last_pkt_time":1686722723892485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722723892485,"l3_proto":"ip4","src_ip":"64.63.52.142","dst_ip":"90.147.171.51","src_port":14637,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":550,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":542,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722434456661,"flow_src_last_pkt_time":1686722434456661,"flow_dst_last_pkt_time":1686722434456661,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722723892485,"l3_proto":"ip4","src_ip":"71.191.53.138","dst_ip":"90.111.212.50","src_port":45513,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":550,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":541,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722365950548,"flow_src_last_pkt_time":1686722365950548,"flow_dst_last_pkt_time":1686722365950548,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722723892485,"l3_proto":"ip4","src_ip":"64.63.36.139","dst_ip":"165.114.202.61","src_port":49841,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":550,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":544,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722933062511,"flow_src_last_pkt_time":1686722933062511,"flow_dst_last_pkt_time":1686722933062511,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722933062511,"l3_proto":"ip4","src_ip":"64.63.36.139","dst_ip":"69.109.187.54","src_port":49841,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":550,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":544,"flow_packet_id":1,"flow_src_last_pkt_time":1686722933062511,"flow_dst_last_pkt_time":1686722933062511,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686722933062511,"pkt":"bpHurUgdPJTVQTiBCABFAAA+udZAADQR5x9APySLRW27NsKxAasAKgcBAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":550,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":544,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722933062511,"flow_src_last_pkt_time":1686722933062511,"flow_dst_last_pkt_time":1686722933062511,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722933062511,"l3_proto":"ip4","src_ip":"64.63.36.139","dst_ip":"69.109.187.54","src_port":49841,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":551,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":543,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722723892485,"flow_src_last_pkt_time":1686722723892485,"flow_dst_last_pkt_time":1686722723892485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722933062511,"l3_proto":"ip4","src_ip":"64.63.52.142","dst_ip":"90.147.171.51","src_port":14637,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":551,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":551,"packets-processed":550,"total-skipped-flows":0,"total-l4-payload-len":27797,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":544,"total-detection-updates":0,"total-updates":94,"current-active-flows":1,"total-active-flows":544,"total-idle-flows":543,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2626,"global_ts_usec":1686722979135224} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":551,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":545,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722979135224,"flow_src_last_pkt_time":1686722979135224,"flow_dst_last_pkt_time":1686722979135224,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722979135224,"l3_proto":"ip4","src_ip":"191.57.36.135","dst_ip":"165.144.84.62","src_port":30888,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":551,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":545,"flow_packet_id":1,"flow_src_last_pkt_time":1686722979135224,"flow_dst_last_pkt_time":1686722979135224,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686722979135224,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+JuRAADQRegS\/OSSHpZBUPnioAasAKlD8AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":551,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":545,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722979135224,"flow_src_last_pkt_time":1686722979135224,"flow_dst_last_pkt_time":1686722979135224,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722979135224,"l3_proto":"ip4","src_ip":"191.57.36.135","dst_ip":"165.144.84.62","src_port":30888,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":552,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":544,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722933062511,"flow_src_last_pkt_time":1686722933062511,"flow_dst_last_pkt_time":1686722933062511,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722979135224,"l3_proto":"ip4","src_ip":"64.63.36.139","dst_ip":"69.109.187.54","src_port":49841,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":552,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":546,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723156732545,"flow_src_last_pkt_time":1686723156732545,"flow_dst_last_pkt_time":1686723156732545,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723156732545,"l3_proto":"ip4","src_ip":"184.193.58.134","dst_ip":"74.111.203.55","src_port":21356,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":552,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":546,"flow_packet_id":1,"flow_src_last_pkt_time":1686723156732545,"flow_dst_last_pkt_time":1686723156732545,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686723156732545,"pkt":"ipffLU2SPJTVQTiBCABFAAA+YFRAADQRQJy4wTqGSm\/LN1NsAasAKnZAAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":552,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":546,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723156732545,"flow_src_last_pkt_time":1686723156732545,"flow_dst_last_pkt_time":1686723156732545,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723156732545,"l3_proto":"ip4","src_ip":"184.193.58.134","dst_ip":"74.111.203.55","src_port":21356,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":553,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":544,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722933062511,"flow_src_last_pkt_time":1686722933062511,"flow_dst_last_pkt_time":1686722933062511,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723156732545,"l3_proto":"ip4","src_ip":"64.63.36.139","dst_ip":"69.109.187.54","src_port":49841,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":553,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":545,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722979135224,"flow_src_last_pkt_time":1686722979135224,"flow_dst_last_pkt_time":1686722979135224,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723156732545,"l3_proto":"ip4","src_ip":"191.57.36.135","dst_ip":"165.144.84.62","src_port":30888,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":553,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":547,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723218825916,"flow_src_last_pkt_time":1686723218825916,"flow_dst_last_pkt_time":1686723218825916,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723218825916,"l3_proto":"ip4","src_ip":"64.63.52.142","dst_ip":"85.111.52.57","src_port":45266,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":553,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":547,"flow_packet_id":1,"flow_src_last_pkt_time":1686723218825916,"flow_dst_last_pkt_time":1686723218825916,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686723218825916,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+hBZAADQRHNdAPzSOVW80ObDSAasAKhjXAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":553,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":547,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723218825916,"flow_src_last_pkt_time":1686723218825916,"flow_dst_last_pkt_time":1686723218825916,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723218825916,"l3_proto":"ip4","src_ip":"64.63.52.142","dst_ip":"85.111.52.57","src_port":45266,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":554,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":545,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722979135224,"flow_src_last_pkt_time":1686722979135224,"flow_dst_last_pkt_time":1686722979135224,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723218825916,"l3_proto":"ip4","src_ip":"191.57.36.135","dst_ip":"165.144.84.62","src_port":30888,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":554,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":546,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723156732545,"flow_src_last_pkt_time":1686723156732545,"flow_dst_last_pkt_time":1686723156732545,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723218825916,"l3_proto":"ip4","src_ip":"184.193.58.134","dst_ip":"74.111.203.55","src_port":21356,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":554,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":548,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723578690477,"flow_src_last_pkt_time":1686723578690477,"flow_dst_last_pkt_time":1686723578690477,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723578690477,"l3_proto":"ip4","src_ip":"184.193.58.134","dst_ip":"90.145.180.58","src_port":6016,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":554,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":548,"flow_packet_id":1,"flow_src_last_pkt_time":1686723578690477,"flow_dst_last_pkt_time":1686723578690477,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686723578690477,"pkt":"bs1PogZtPJTVQTiBCABFAAA+XhhAADQRQtG4wTqGWpG0OheAAasAKrIlAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":554,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":548,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723578690477,"flow_src_last_pkt_time":1686723578690477,"flow_dst_last_pkt_time":1686723578690477,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723578690477,"l3_proto":"ip4","src_ip":"184.193.58.134","dst_ip":"90.145.180.58","src_port":6016,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":555,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":547,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723218825916,"flow_src_last_pkt_time":1686723218825916,"flow_dst_last_pkt_time":1686723218825916,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723578690477,"l3_proto":"ip4","src_ip":"64.63.52.142","dst_ip":"85.111.52.57","src_port":45266,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":555,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":546,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723156732545,"flow_src_last_pkt_time":1686723156732545,"flow_dst_last_pkt_time":1686723156732545,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723578690477,"l3_proto":"ip4","src_ip":"184.193.58.134","dst_ip":"74.111.203.55","src_port":21356,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":555,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":555,"packets-processed":554,"total-skipped-flows":0,"total-l4-payload-len":27933,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":548,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":548,"total-idle-flows":547,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2646,"global_ts_usec":1686723785197536} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":555,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":549,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723785197536,"flow_src_last_pkt_time":1686723785197536,"flow_dst_last_pkt_time":1686723785197536,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723785197536,"l3_proto":"ip4","src_ip":"184.193.58.134","dst_ip":"90.141.37.56","src_port":21356,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":555,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":549,"flow_packet_id":1,"flow_src_last_pkt_time":1686723785197536,"flow_dst_last_pkt_time":1686723785197536,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686723785197536,"pkt":"3jHC4dyOPJTVQTiBCABFAAA++PJAADQRp\/m4wTqGWo0lOFNsAasAKnY8AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":555,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":549,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723785197536,"flow_src_last_pkt_time":1686723785197536,"flow_dst_last_pkt_time":1686723785197536,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723785197536,"l3_proto":"ip4","src_ip":"184.193.58.134","dst_ip":"90.141.37.56","src_port":21356,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":556,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":548,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723578690477,"flow_src_last_pkt_time":1686723578690477,"flow_dst_last_pkt_time":1686723578690477,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723785197536,"l3_proto":"ip4","src_ip":"184.193.58.134","dst_ip":"90.145.180.58","src_port":6016,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":556,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":556,"packets-processed":555,"total-skipped-flows":0,"total-l4-payload-len":27967,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":549,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":549,"total-idle-flows":548,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2651,"global_ts_usec":1686725098326675} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":556,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":550,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686725098326675,"flow_src_last_pkt_time":1686725098326675,"flow_dst_last_pkt_time":1686725098326675,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686725098326675,"l3_proto":"ip4","src_ip":"51.242.192.58","dst_ip":"165.144.84.62","src_port":51989,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":556,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":550,"flow_packet_id":1,"flow_src_last_pkt_time":1686725098326675,"flow_dst_last_pkt_time":1686725098326675,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686725098326675,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXmQz8sA6pZBUPssVAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":556,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":550,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686725098326675,"flow_src_last_pkt_time":1686725098326675,"flow_dst_last_pkt_time":1686725098326675,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686725098326675,"l3_proto":"ip4","src_ip":"51.242.192.58","dst_ip":"165.144.84.62","src_port":51989,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":557,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":549,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723785197536,"flow_src_last_pkt_time":1686723785197536,"flow_dst_last_pkt_time":1686723785197536,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686725098326675,"l3_proto":"ip4","src_ip":"184.193.58.134","dst_ip":"90.141.37.56","src_port":21356,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":557,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":557,"packets-processed":556,"total-skipped-flows":0,"total-l4-payload-len":27996,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":550,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":550,"total-idle-flows":549,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2656,"global_ts_usec":1686725813807299} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":557,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":551,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686725813807299,"flow_src_last_pkt_time":1686725813807299,"flow_dst_last_pkt_time":1686725813807299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686725813807299,"l3_proto":"ip4","src_ip":"64.193.196.133","dst_ip":"186.112.202.53","src_port":45764,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":557,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":551,"flow_packet_id":1,"flow_src_last_pkt_time":1686725813807299,"flow_dst_last_pkt_time":1686725813807299,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686725813807299,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+QzNAADQRXblAwcSFunDKNbLEAasAKhbkAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":557,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":551,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686725813807299,"flow_src_last_pkt_time":1686725813807299,"flow_dst_last_pkt_time":1686725813807299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686725813807299,"l3_proto":"ip4","src_ip":"64.193.196.133","dst_ip":"186.112.202.53","src_port":45764,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":558,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":550,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686725098326675,"flow_src_last_pkt_time":1686725098326675,"flow_dst_last_pkt_time":1686725098326675,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686725813807299,"l3_proto":"ip4","src_ip":"51.242.192.58","dst_ip":"165.144.84.62","src_port":51989,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":558,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":558,"packets-processed":557,"total-skipped-flows":0,"total-l4-payload-len":28030,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":551,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":551,"total-idle-flows":550,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2661,"global_ts_usec":1686729365919386} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":558,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":552,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686729365919386,"flow_src_last_pkt_time":1686729365919386,"flow_dst_last_pkt_time":1686729365919386,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686729365919386,"l3_proto":"ip4","src_ip":"185.29.253.207","dst_ip":"90.141.37.56","src_port":55308,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":558,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":552,"flow_packet_id":1,"flow_src_last_pkt_time":1686729365919386,"flow_dst_last_pkt_time":1686729365919386,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686729365919386,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPkRbbu5Hf3PWo0lONgMAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":558,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":552,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686729365919386,"flow_src_last_pkt_time":1686729365919386,"flow_dst_last_pkt_time":1686729365919386,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686729365919386,"l3_proto":"ip4","src_ip":"185.29.253.207","dst_ip":"90.141.37.56","src_port":55308,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":559,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":551,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686725813807299,"flow_src_last_pkt_time":1686725813807299,"flow_dst_last_pkt_time":1686725813807299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686729365919386,"l3_proto":"ip4","src_ip":"64.193.196.133","dst_ip":"186.112.202.53","src_port":45764,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":559,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":559,"packets-processed":558,"total-skipped-flows":0,"total-l4-payload-len":28059,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":552,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":552,"total-idle-flows":551,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2666,"global_ts_usec":1686732302782823} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":559,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":553,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686732302782823,"flow_src_last_pkt_time":1686732302782823,"flow_dst_last_pkt_time":1686732302782823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686732302782823,"l3_proto":"ip4","src_ip":"49.49.71.169","dst_ip":"90.147.171.51","src_port":56940,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":559,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":553,"flow_packet_id":1,"flow_src_last_pkt_time":1686732302782823,"flow_dst_last_pkt_time":1686732302782823,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686732302782823,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXyExMUepWpOrM95sAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":559,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":553,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686732302782823,"flow_src_last_pkt_time":1686732302782823,"flow_dst_last_pkt_time":1686732302782823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686732302782823,"l3_proto":"ip4","src_ip":"49.49.71.169","dst_ip":"90.147.171.51","src_port":56940,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":560,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":552,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686729365919386,"flow_src_last_pkt_time":1686729365919386,"flow_dst_last_pkt_time":1686729365919386,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686732302782823,"l3_proto":"ip4","src_ip":"185.29.253.207","dst_ip":"90.141.37.56","src_port":55308,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":560,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":560,"packets-processed":559,"total-skipped-flows":0,"total-l4-payload-len":28088,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":553,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":553,"total-idle-flows":552,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2671,"global_ts_usec":1686734552484911} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":560,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":554,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686734552484911,"flow_src_last_pkt_time":1686734552484911,"flow_dst_last_pkt_time":1686734552484911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686734552484911,"l3_proto":"ip4","src_ip":"198.23.89.28","dst_ip":"90.111.212.50","src_port":55179,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":560,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":554,"flow_packet_id":1,"flow_src_last_pkt_time":1686734552484911,"flow_dst_last_pkt_time":1686734552484911,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686734552484911,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbUTGF1kcWm\/UMteLAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":560,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":554,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686734552484911,"flow_src_last_pkt_time":1686734552484911,"flow_dst_last_pkt_time":1686734552484911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686734552484911,"l3_proto":"ip4","src_ip":"198.23.89.28","dst_ip":"90.111.212.50","src_port":55179,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":561,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":553,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686732302782823,"flow_src_last_pkt_time":1686732302782823,"flow_dst_last_pkt_time":1686732302782823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686734552484911,"l3_proto":"ip4","src_ip":"49.49.71.169","dst_ip":"90.147.171.51","src_port":56940,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":561,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":561,"packets-processed":560,"total-skipped-flows":0,"total-l4-payload-len":28117,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":554,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":554,"total-idle-flows":553,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2676,"global_ts_usec":1686745116214925} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":561,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":555,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686745116214925,"flow_src_last_pkt_time":1686745116214925,"flow_dst_last_pkt_time":1686745116214925,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686745116214925,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"186.112.202.53","src_port":33154,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":561,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":555,"flow_packet_id":1,"flow_src_last_pkt_time":1686745116214925,"flow_dst_last_pkt_time":1686745116214925,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686745116214925,"pkt":"xmjqc4OdPJTVQTiBCABFCABLQo0AACQRgdjnJlLdunDKNYGCAasAN5v9AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":561,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":555,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686745116214925,"flow_src_last_pkt_time":1686745116214925,"flow_dst_last_pkt_time":1686745116214925,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686745116214925,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"186.112.202.53","src_port":33154,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":562,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":554,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686734552484911,"flow_src_last_pkt_time":1686734552484911,"flow_dst_last_pkt_time":1686734552484911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686745116214925,"l3_proto":"ip4","src_ip":"198.23.89.28","dst_ip":"90.111.212.50","src_port":55179,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":562,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":562,"packets-processed":561,"total-skipped-flows":0,"total-l4-payload-len":28164,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":555,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":555,"total-idle-flows":554,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2681,"global_ts_usec":1686766680148551} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":562,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":556,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686766680148551,"flow_src_last_pkt_time":1686766680148551,"flow_dst_last_pkt_time":1686766680148551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686766680148551,"l3_proto":"ip4","src_ip":"43.95.195.22","dst_ip":"85.111.52.57","src_port":50287,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":562,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":556,"flow_packet_id":1,"flow_src_last_pkt_time":1686766680148551,"flow_dst_last_pkt_time":1686766680148551,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686766680148551,"pkt":"moT+\/Ph8PJTVQTiBCABFAABSwG8AAC0RJTYrX8MWVW80OcRvAasAPhVJAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":562,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":556,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686766680148551,"flow_src_last_pkt_time":1686766680148551,"flow_dst_last_pkt_time":1686766680148551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686766680148551,"l3_proto":"ip4","src_ip":"43.95.195.22","dst_ip":"85.111.52.57","src_port":50287,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":563,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":556,"flow_packet_id":2,"flow_src_last_pkt_time":1686766680148564,"flow_dst_last_pkt_time":1686766680148551,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686766680148564,"pkt":"moT+\/Ph8PJTVQTiBCABFAABSwG8AAC0RJTYrX8MWVW80OcRvAasAPhVJAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":564,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":555,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686745116214925,"flow_src_last_pkt_time":1686745116214925,"flow_dst_last_pkt_time":1686745116214925,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686766680148564,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"186.112.202.53","src_port":33154,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":564,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":564,"packets-processed":563,"total-skipped-flows":0,"total-l4-payload-len":28272,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":556,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":556,"total-idle-flows":555,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2687,"global_ts_usec":1686776388352182} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":564,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":557,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686776388352182,"flow_src_last_pkt_time":1686776388352182,"flow_dst_last_pkt_time":1686776388352182,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686776388352182,"l3_proto":"ip4","src_ip":"235.98.65.133","dst_ip":"165.114.202.61","src_port":26337,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":564,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":557,"flow_packet_id":1,"flow_src_last_pkt_time":1686776388352182,"flow_dst_last_pkt_time":1686776388352182,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686776388352182,"pkt":"AAwp30Y4PJTVQTiBCABFBABSYuEAADQRGY3rYkGFpXLKPWbhAasAPhCkAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":564,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":557,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686776388352182,"flow_src_last_pkt_time":1686776388352182,"flow_dst_last_pkt_time":1686776388352182,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686776388352182,"l3_proto":"ip4","src_ip":"235.98.65.133","dst_ip":"165.114.202.61","src_port":26337,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":565,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":557,"flow_packet_id":2,"flow_src_last_pkt_time":1686776388352185,"flow_dst_last_pkt_time":1686776388352182,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686776388352185,"pkt":"AAwp30Y4PJTVQTiBCABFBABSYuEAADQRGY3rYkGFpXLKPWbhAasAPhCkAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":566,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":556,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1686766680148551,"flow_src_last_pkt_time":1686766680148564,"flow_dst_last_pkt_time":1686766680148551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":108,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686776388352185,"l3_proto":"ip4","src_ip":"43.95.195.22","dst_ip":"85.111.52.57","src_port":50287,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":566,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":566,"packets-processed":565,"total-skipped-flows":0,"total-l4-payload-len":28380,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":557,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":557,"total-idle-flows":556,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2693,"global_ts_usec":1686782629632128} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":566,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":558,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686782629632128,"flow_src_last_pkt_time":1686782629632128,"flow_dst_last_pkt_time":1686782629632128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686782629632128,"l3_proto":"ip4","src_ip":"159.60.180.118","dst_ip":"165.114.202.61","src_port":39471,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":566,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":558,"flow_packet_id":1,"flow_src_last_pkt_time":1686782629632128,"flow_dst_last_pkt_time":1686782629632128,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686782629632128,"pkt":"AAwp30Y4PJTVQTiBCABFCABLh+kAACIRQr6fPLR2pXLKPZovAasAN4eSAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":566,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":558,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686782629632128,"flow_src_last_pkt_time":1686782629632128,"flow_dst_last_pkt_time":1686782629632128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686782629632128,"l3_proto":"ip4","src_ip":"159.60.180.118","dst_ip":"165.114.202.61","src_port":39471,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":567,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":557,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1686776388352182,"flow_src_last_pkt_time":1686776388352185,"flow_dst_last_pkt_time":1686776388352182,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":108,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686782629632128,"l3_proto":"ip4","src_ip":"235.98.65.133","dst_ip":"165.114.202.61","src_port":26337,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":567,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":567,"packets-processed":566,"total-skipped-flows":0,"total-l4-payload-len":28427,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":558,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":558,"total-idle-flows":557,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2698,"global_ts_usec":1686783435918307} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":567,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":559,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686783435918307,"flow_src_last_pkt_time":1686783435918307,"flow_dst_last_pkt_time":1686783435918307,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686783435918307,"l3_proto":"ip4","src_ip":"164.192.91.117","dst_ip":"165.144.84.62","src_port":41275,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":567,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":559,"flow_packet_id":1,"flow_src_last_pkt_time":1686783435918307,"flow_dst_last_pkt_time":1686783435918307,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686783435918307,"pkt":"AAwp30Y4PJTVQTiBCABFCABL9voAACIR06ykwFt1pZBUPqE7AasAN4CGAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":567,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":559,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686783435918307,"flow_src_last_pkt_time":1686783435918307,"flow_dst_last_pkt_time":1686783435918307,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686783435918307,"l3_proto":"ip4","src_ip":"164.192.91.117","dst_ip":"165.144.84.62","src_port":41275,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":568,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":558,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686782629632128,"flow_src_last_pkt_time":1686782629632128,"flow_dst_last_pkt_time":1686782629632128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686783435918307,"l3_proto":"ip4","src_ip":"159.60.180.118","dst_ip":"165.114.202.61","src_port":39471,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":568,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":568,"packets-processed":567,"total-skipped-flows":0,"total-l4-payload-len":28474,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":559,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":559,"total-idle-flows":558,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2703,"global_ts_usec":1686785007737222} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":568,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":560,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686785007737222,"flow_src_last_pkt_time":1686785007737222,"flow_dst_last_pkt_time":1686785007737222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686785007737222,"l3_proto":"ip4","src_ip":"155.160.165.208","dst_ip":"69.109.187.54","src_port":51124,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":568,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":560,"flow_packet_id":1,"flow_src_last_pkt_time":1686785007737222,"flow_dst_last_pkt_time":1686785007737222,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686785007737222,"pkt":"bpHurUgdPJTVQTiBCABFCABLA0AAACQRwTOboKXQRW27Nse0AasAN1XZAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":568,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":560,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686785007737222,"flow_src_last_pkt_time":1686785007737222,"flow_dst_last_pkt_time":1686785007737222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686785007737222,"l3_proto":"ip4","src_ip":"155.160.165.208","dst_ip":"69.109.187.54","src_port":51124,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":559,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686783435918307,"flow_src_last_pkt_time":1686783435918307,"flow_dst_last_pkt_time":1686783435918307,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686785007737222,"l3_proto":"ip4","src_ip":"164.192.91.117","dst_ip":"165.144.84.62","src_port":41275,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":569,"packets-processed":568,"total-skipped-flows":0,"total-l4-payload-len":28521,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":560,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":560,"total-idle-flows":559,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2708,"global_ts_usec":1686790507373750} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":561,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686790507373750,"flow_src_last_pkt_time":1686790507373750,"flow_dst_last_pkt_time":1686790507373750,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686790507373750,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"186.112.202.53","src_port":65092,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":561,"flow_packet_id":1,"flow_src_last_pkt_time":1686790507373750,"flow_dst_last_pkt_time":1686790507373750,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686790507373750,"pkt":"xmjqc4OdPJTVQTiBCABFCABLxbwAACIRBPAjAGRzunDKNf5EAasANyOCAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":561,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686790507373750,"flow_src_last_pkt_time":1686790507373750,"flow_dst_last_pkt_time":1686790507373750,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686790507373750,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"186.112.202.53","src_port":65092,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":570,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":560,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686785007737222,"flow_src_last_pkt_time":1686785007737222,"flow_dst_last_pkt_time":1686785007737222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686790507373750,"l3_proto":"ip4","src_ip":"155.160.165.208","dst_ip":"69.109.187.54","src_port":51124,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":570,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":570,"packets-processed":569,"total-skipped-flows":0,"total-l4-payload-len":28568,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":561,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":561,"total-idle-flows":560,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2713,"global_ts_usec":1686794003013015} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":570,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":562,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686794003013015,"flow_src_last_pkt_time":1686794003013015,"flow_dst_last_pkt_time":1686794003013015,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686794003013015,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"90.147.171.51","src_port":15170,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":570,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":562,"flow_packet_id":1,"flow_src_last_pkt_time":1686794003013015,"flow_dst_last_pkt_time":1686794003013015,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686794003013015,"pkt":"AAwp30Y4PJTVQTiBCABFCABLrMYAACQRF6rn33nVWpOrMztCAasAN+JIAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":570,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":562,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686794003013015,"flow_src_last_pkt_time":1686794003013015,"flow_dst_last_pkt_time":1686794003013015,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686794003013015,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"90.147.171.51","src_port":15170,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":571,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":561,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686790507373750,"flow_src_last_pkt_time":1686790507373750,"flow_dst_last_pkt_time":1686790507373750,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686794003013015,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"186.112.202.53","src_port":65092,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":571,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":571,"packets-processed":570,"total-skipped-flows":0,"total-l4-payload-len":28615,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":562,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":562,"total-idle-flows":561,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2718,"global_ts_usec":1686799154433661} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":571,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":563,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686799154433661,"flow_src_last_pkt_time":1686799154433661,"flow_dst_last_pkt_time":1686799154433661,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686799154433661,"l3_proto":"ip4","src_ip":"65.218.6.160","dst_ip":"165.114.202.61","src_port":55146,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":571,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":563,"flow_packet_id":1,"flow_src_last_pkt_time":1686799154433661,"flow_dst_last_pkt_time":1686799154433661,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686799154433661,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbQVB2gagpXLKPddqAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":571,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":563,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686799154433661,"flow_src_last_pkt_time":1686799154433661,"flow_dst_last_pkt_time":1686799154433661,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686799154433661,"l3_proto":"ip4","src_ip":"65.218.6.160","dst_ip":"165.114.202.61","src_port":55146,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":572,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":562,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686794003013015,"flow_src_last_pkt_time":1686794003013015,"flow_dst_last_pkt_time":1686794003013015,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686799154433661,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"90.147.171.51","src_port":15170,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":572,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":572,"packets-processed":571,"total-skipped-flows":0,"total-l4-payload-len":28644,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":563,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":563,"total-idle-flows":562,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2723,"global_ts_usec":1686801707865988} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":572,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":564,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686801707865988,"flow_src_last_pkt_time":1686801707865988,"flow_dst_last_pkt_time":1686801707865988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686801707865988,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"85.111.52.57","src_port":64449,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":572,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":564,"flow_packet_id":1,"flow_src_last_pkt_time":1686801707865988,"flow_dst_last_pkt_time":1686801707865988,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686801707865988,"pkt":"moT+\/Ph8PJTVQTiBCABFAABLmP8AACcROhldZnxwVW80OfvBAasANzNpAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":572,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":564,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686801707865988,"flow_src_last_pkt_time":1686801707865988,"flow_dst_last_pkt_time":1686801707865988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686801707865988,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"85.111.52.57","src_port":64449,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":573,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":563,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686799154433661,"flow_src_last_pkt_time":1686799154433661,"flow_dst_last_pkt_time":1686799154433661,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686801707865988,"l3_proto":"ip4","src_ip":"65.218.6.160","dst_ip":"165.114.202.61","src_port":55146,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":573,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":573,"packets-processed":572,"total-skipped-flows":0,"total-l4-payload-len":28691,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":564,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":564,"total-idle-flows":563,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2728,"global_ts_usec":1686809757231212} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":573,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":565,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686809757231212,"flow_src_last_pkt_time":1686809757231212,"flow_dst_last_pkt_time":1686809757231212,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686809757231212,"l3_proto":"ip4","src_ip":"32.248.84.127","dst_ip":"90.141.37.56","src_port":45264,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":573,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":565,"flow_packet_id":1,"flow_src_last_pkt_time":1686809757231212,"flow_dst_last_pkt_time":1686809757231212,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686809757231212,"pkt":"3jHC4dyOPJTVQTiBCABFCABLKJcAACIRohgg+FR\/Wo0lOLDQAasAN3D5AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":573,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":565,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686809757231212,"flow_src_last_pkt_time":1686809757231212,"flow_dst_last_pkt_time":1686809757231212,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686809757231212,"l3_proto":"ip4","src_ip":"32.248.84.127","dst_ip":"90.141.37.56","src_port":45264,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":574,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":564,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686801707865988,"flow_src_last_pkt_time":1686801707865988,"flow_dst_last_pkt_time":1686801707865988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686809757231212,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"85.111.52.57","src_port":64449,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":574,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":574,"packets-processed":573,"total-skipped-flows":0,"total-l4-payload-len":28738,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":565,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":565,"total-idle-flows":564,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2733,"global_ts_usec":1686815428144220} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":574,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":566,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686815428144220,"flow_src_last_pkt_time":1686815428144220,"flow_dst_last_pkt_time":1686815428144220,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686815428144220,"l3_proto":"ip4","src_ip":"69.24.27.60","dst_ip":"90.111.212.50","src_port":56117,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":574,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":566,"flow_packet_id":1,"flow_src_last_pkt_time":1686815428144220,"flow_dst_last_pkt_time":1686815428144220,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686815428144220,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbFFFGBs8Wm\/UMts1AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":574,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":566,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686815428144220,"flow_src_last_pkt_time":1686815428144220,"flow_dst_last_pkt_time":1686815428144220,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686815428144220,"l3_proto":"ip4","src_ip":"69.24.27.60","dst_ip":"90.111.212.50","src_port":56117,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":575,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":565,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686809757231212,"flow_src_last_pkt_time":1686809757231212,"flow_dst_last_pkt_time":1686809757231212,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686815428144220,"l3_proto":"ip4","src_ip":"32.248.84.127","dst_ip":"90.141.37.56","src_port":45264,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":575,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":575,"packets-processed":574,"total-skipped-flows":0,"total-l4-payload-len":28767,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":566,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":566,"total-idle-flows":565,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2738,"global_ts_usec":1686819439098098} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":575,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":567,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686819439098098,"flow_src_last_pkt_time":1686819439098098,"flow_dst_last_pkt_time":1686819439098098,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686819439098098,"l3_proto":"ip4","src_ip":"64.62.219.130","dst_ip":"85.111.52.57","src_port":17454,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":575,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":567,"flow_packet_id":1,"flow_src_last_pkt_time":1686819439098098,"flow_dst_last_pkt_time":1686819439098098,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686819439098098,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+YmVAADQRPoBAPtuCVW80OUQuAasAKoVzAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":575,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":567,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686819439098098,"flow_src_last_pkt_time":1686819439098098,"flow_dst_last_pkt_time":1686819439098098,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686819439098098,"l3_proto":"ip4","src_ip":"64.62.219.130","dst_ip":"85.111.52.57","src_port":17454,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":576,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":566,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686815428144220,"flow_src_last_pkt_time":1686815428144220,"flow_dst_last_pkt_time":1686815428144220,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686819439098098,"l3_proto":"ip4","src_ip":"69.24.27.60","dst_ip":"90.111.212.50","src_port":56117,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":576,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":568,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686819473738946,"flow_src_last_pkt_time":1686819473738946,"flow_dst_last_pkt_time":1686819473738946,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686819473738946,"l3_proto":"ip4","src_ip":"64.63.52.142","dst_ip":"90.111.212.50","src_port":21065,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":576,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":568,"flow_packet_id":1,"flow_src_last_pkt_time":1686819473738946,"flow_dst_last_pkt_time":1686819473738946,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686819473738946,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+wlRAADQR3p5APzSOWm\/UMlJJAasAKndmAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":576,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":568,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686819473738946,"flow_src_last_pkt_time":1686819473738946,"flow_dst_last_pkt_time":1686819473738946,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686819473738946,"l3_proto":"ip4","src_ip":"64.63.52.142","dst_ip":"90.111.212.50","src_port":21065,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":577,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":569,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686819657808324,"flow_src_last_pkt_time":1686819657808324,"flow_dst_last_pkt_time":1686819657808324,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686819657808324,"l3_proto":"ip4","src_ip":"64.63.52.142","dst_ip":"69.109.187.54","src_port":50624,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":577,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":569,"flow_packet_id":1,"flow_src_last_pkt_time":1686819657808324,"flow_dst_last_pkt_time":1686819657808324,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686819657808324,"pkt":"bpHurUgdPJTVQTiBCABFAAA+JC9AADQRfMJAPzSORW27NsXAAasAKgPtAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":577,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":569,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686819657808324,"flow_src_last_pkt_time":1686819657808324,"flow_dst_last_pkt_time":1686819657808324,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686819657808324,"l3_proto":"ip4","src_ip":"64.63.52.142","dst_ip":"69.109.187.54","src_port":50624,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":578,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":568,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686819473738946,"flow_src_last_pkt_time":1686819473738946,"flow_dst_last_pkt_time":1686819473738946,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686819657808324,"l3_proto":"ip4","src_ip":"64.63.52.142","dst_ip":"90.111.212.50","src_port":21065,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":578,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":567,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686819439098098,"flow_src_last_pkt_time":1686819439098098,"flow_dst_last_pkt_time":1686819439098098,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686819657808324,"l3_proto":"ip4","src_ip":"64.62.219.130","dst_ip":"85.111.52.57","src_port":17454,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":578,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":570,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686819690034608,"flow_src_last_pkt_time":1686819690034608,"flow_dst_last_pkt_time":1686819690034608,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686819690034608,"l3_proto":"ip4","src_ip":"9.160.170.26","dst_ip":"69.109.187.54","src_port":53573,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":578,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":570,"flow_packet_id":1,"flow_src_last_pkt_time":1686819690034608,"flow_dst_last_pkt_time":1686819690034608,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686819690034608,"pkt":"bpHurUgdPJTVQTiBCABFCABS21FAAC4Ros0JoKoaRW27NtFFAasAPuH0AgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":578,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":570,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686819690034608,"flow_src_last_pkt_time":1686819690034608,"flow_dst_last_pkt_time":1686819690034608,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686819690034608,"l3_proto":"ip4","src_ip":"9.160.170.26","dst_ip":"69.109.187.54","src_port":53573,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":579,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":579,"packets-processed":578,"total-skipped-flows":0,"total-l4-payload-len":28923,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":570,"total-detection-updates":0,"total-updates":97,"current-active-flows":2,"total-active-flows":570,"total-idle-flows":568,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2754,"global_ts_usec":1686820137258813} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":579,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":571,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820137258813,"flow_src_last_pkt_time":1686820137258813,"flow_dst_last_pkt_time":1686820137258813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820137258813,"l3_proto":"ip4","src_ip":"64.193.196.133","dst_ip":"90.145.180.58","src_port":51380,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":579,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":571,"flow_packet_id":1,"flow_src_last_pkt_time":1686820137258813,"flow_dst_last_pkt_time":1686820137258813,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686820137258813,"pkt":"bs1PogZtPJTVQTiBCABFAAA+CBNAADQRmNRAwcSFWpG0Osi0AasAKgDvAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":579,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":571,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820137258813,"flow_src_last_pkt_time":1686820137258813,"flow_dst_last_pkt_time":1686820137258813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820137258813,"l3_proto":"ip4","src_ip":"64.193.196.133","dst_ip":"90.145.180.58","src_port":51380,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":580,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":570,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686819690034608,"flow_src_last_pkt_time":1686819690034608,"flow_dst_last_pkt_time":1686819690034608,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820137258813,"l3_proto":"ip4","src_ip":"9.160.170.26","dst_ip":"69.109.187.54","src_port":53573,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":580,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":569,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686819657808324,"flow_src_last_pkt_time":1686819657808324,"flow_dst_last_pkt_time":1686819657808324,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820137258813,"l3_proto":"ip4","src_ip":"64.63.52.142","dst_ip":"69.109.187.54","src_port":50624,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":580,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":572,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820163339870,"flow_src_last_pkt_time":1686820163339870,"flow_dst_last_pkt_time":1686820163339870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820163339870,"l3_proto":"ip4","src_ip":"80.51.127.74","dst_ip":"90.141.37.56","src_port":51252,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":580,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":572,"flow_packet_id":1,"flow_src_last_pkt_time":1686820163339870,"flow_dst_last_pkt_time":1686820163339870,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686820163339870,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPoRXo9QM39KWo0lOMg0AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01069{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":580,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":572,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820163339870,"flow_src_last_pkt_time":1686820163339870,"flow_dst_last_pkt_time":1686820163339870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820163339870,"l3_proto":"ip4","src_ip":"80.51.127.74","dst_ip":"90.141.37.56","src_port":51252,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":581,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":573,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820293978966,"flow_src_last_pkt_time":1686820293978966,"flow_dst_last_pkt_time":1686820293978966,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820293978966,"l3_proto":"ip4","src_ip":"160.71.213.140","dst_ip":"186.112.202.53","src_port":41896,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":581,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":573,"flow_packet_id":1,"flow_src_last_pkt_time":1686820293978966,"flow_dst_last_pkt_time":1686820293978966,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686820293978966,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+XMNAADQRRDCgR9WMunDKNaOoAasAKiYHAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":581,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":573,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820293978966,"flow_src_last_pkt_time":1686820293978966,"flow_dst_last_pkt_time":1686820293978966,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820293978966,"l3_proto":"ip4","src_ip":"160.71.213.140","dst_ip":"186.112.202.53","src_port":41896,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":582,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":572,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820163339870,"flow_src_last_pkt_time":1686820163339870,"flow_dst_last_pkt_time":1686820163339870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820293978966,"l3_proto":"ip4","src_ip":"80.51.127.74","dst_ip":"90.141.37.56","src_port":51252,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01113{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":582,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":571,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820137258813,"flow_src_last_pkt_time":1686820137258813,"flow_dst_last_pkt_time":1686820137258813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820293978966,"l3_proto":"ip4","src_ip":"64.193.196.133","dst_ip":"90.145.180.58","src_port":51380,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":582,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":582,"packets-processed":581,"total-skipped-flows":0,"total-l4-payload-len":29020,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":573,"total-detection-updates":0,"total-updates":99,"current-active-flows":3,"total-active-flows":573,"total-idle-flows":570,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2768,"global_ts_usec":1686820910359963} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":582,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":574,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820910359963,"flow_src_last_pkt_time":1686820910359963,"flow_dst_last_pkt_time":1686820910359963,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820910359963,"l3_proto":"ip4","src_ip":"191.57.36.135","dst_ip":"165.144.84.62","src_port":38472,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":582,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":574,"flow_packet_id":1,"flow_src_last_pkt_time":1686820910359963,"flow_dst_last_pkt_time":1686820910359963,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686820910359963,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+iNFAADQRGBe\/OSSHpZBUPpZIAasAKjNcAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":582,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":574,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820910359963,"flow_src_last_pkt_time":1686820910359963,"flow_dst_last_pkt_time":1686820910359963,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820910359963,"l3_proto":"ip4","src_ip":"191.57.36.135","dst_ip":"165.144.84.62","src_port":38472,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01108{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":583,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":572,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820163339870,"flow_src_last_pkt_time":1686820163339870,"flow_dst_last_pkt_time":1686820163339870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820910359963,"l3_proto":"ip4","src_ip":"80.51.127.74","dst_ip":"90.141.37.56","src_port":51252,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":583,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":571,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820137258813,"flow_src_last_pkt_time":1686820137258813,"flow_dst_last_pkt_time":1686820137258813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820910359963,"l3_proto":"ip4","src_ip":"64.193.196.133","dst_ip":"90.145.180.58","src_port":51380,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":583,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":573,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820293978966,"flow_src_last_pkt_time":1686820293978966,"flow_dst_last_pkt_time":1686820293978966,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820910359963,"l3_proto":"ip4","src_ip":"160.71.213.140","dst_ip":"186.112.202.53","src_port":41896,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":583,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":575,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686821183061310,"flow_src_last_pkt_time":1686821183061310,"flow_dst_last_pkt_time":1686821183061310,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686821183061310,"l3_proto":"ip4","src_ip":"65.193.203.129","dst_ip":"90.141.37.56","src_port":63990,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":583,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":575,"flow_packet_id":1,"flow_src_last_pkt_time":1686821183061310,"flow_dst_last_pkt_time":1686821183061310,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686821183061310,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+lolAADQRCl9BwcuBWo0lOPn2AasAKs+tAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":583,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":575,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686821183061310,"flow_src_last_pkt_time":1686821183061310,"flow_dst_last_pkt_time":1686821183061310,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686821183061310,"l3_proto":"ip4","src_ip":"65.193.203.129","dst_ip":"90.141.37.56","src_port":63990,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":584,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":574,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820910359963,"flow_src_last_pkt_time":1686820910359963,"flow_dst_last_pkt_time":1686820910359963,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686821183061310,"l3_proto":"ip4","src_ip":"191.57.36.135","dst_ip":"165.144.84.62","src_port":38472,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":584,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":584,"packets-processed":583,"total-skipped-flows":0,"total-l4-payload-len":29088,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":575,"total-detection-updates":0,"total-updates":99,"current-active-flows":1,"total-active-flows":575,"total-idle-flows":574,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2779,"global_ts_usec":1686821576328540} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":584,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":576,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686821576328540,"flow_src_last_pkt_time":1686821576328540,"flow_dst_last_pkt_time":1686821576328540,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686821576328540,"l3_proto":"ip4","src_ip":"71.191.53.138","dst_ip":"165.114.202.61","src_port":59582,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":584,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":576,"flow_packet_id":1,"flow_src_last_pkt_time":1686821576328540,"flow_dst_last_pkt_time":1686821576328540,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686821576328540,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+edNAADQRJxlHvzWKpXLKPei+AasAKuDpAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":584,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":576,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686821576328540,"flow_src_last_pkt_time":1686821576328540,"flow_dst_last_pkt_time":1686821576328540,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686821576328540,"l3_proto":"ip4","src_ip":"71.191.53.138","dst_ip":"165.114.202.61","src_port":59582,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":575,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686821183061310,"flow_src_last_pkt_time":1686821183061310,"flow_dst_last_pkt_time":1686821183061310,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686821576328540,"l3_proto":"ip4","src_ip":"65.193.203.129","dst_ip":"90.141.37.56","src_port":63990,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":585,"packets-processed":584,"total-skipped-flows":0,"total-l4-payload-len":29122,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":576,"total-detection-updates":0,"total-updates":99,"current-active-flows":1,"total-active-flows":576,"total-idle-flows":575,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2784,"global_ts_usec":1686822857775383} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":577,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686822857775383,"flow_src_last_pkt_time":1686822857775383,"flow_dst_last_pkt_time":1686822857775383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686822857775383,"l3_proto":"ip4","src_ip":"160.71.213.140","dst_ip":"74.111.203.55","src_port":32482,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":577,"flow_packet_id":1,"flow_src_last_pkt_time":1686822857775383,"flow_dst_last_pkt_time":1686822857775383,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686822857775383,"pkt":"ipffLU2SPJTVQTiBCABFAAA+b3NAADQRMYKgR9WMSm\/LN37iAasAKkrPAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":577,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686822857775383,"flow_src_last_pkt_time":1686822857775383,"flow_dst_last_pkt_time":1686822857775383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686822857775383,"l3_proto":"ip4","src_ip":"160.71.213.140","dst_ip":"74.111.203.55","src_port":32482,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":586,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":576,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686821576328540,"flow_src_last_pkt_time":1686821576328540,"flow_dst_last_pkt_time":1686821576328540,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686822857775383,"l3_proto":"ip4","src_ip":"71.191.53.138","dst_ip":"165.114.202.61","src_port":59582,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":586,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":586,"packets-processed":585,"total-skipped-flows":0,"total-l4-payload-len":29156,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":577,"total-detection-updates":0,"total-updates":99,"current-active-flows":1,"total-active-flows":577,"total-idle-flows":576,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2789,"global_ts_usec":1686823539150971} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":586,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":578,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686823539150971,"flow_src_last_pkt_time":1686823539150971,"flow_dst_last_pkt_time":1686823539150971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686823539150971,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"74.111.203.55","src_port":41415,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":586,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":578,"flow_packet_id":1,"flow_src_last_pkt_time":1686823539150971,"flow_dst_last_pkt_time":1686823539150971,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686823539150971,"pkt":"ipffLU2SPJTVQTiBCABFAABLhjwAACcRTORiZ\/1zSm\/LN6HHAasAN41rAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":586,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":578,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686823539150971,"flow_src_last_pkt_time":1686823539150971,"flow_dst_last_pkt_time":1686823539150971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686823539150971,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"74.111.203.55","src_port":41415,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":587,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":577,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686822857775383,"flow_src_last_pkt_time":1686822857775383,"flow_dst_last_pkt_time":1686822857775383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686823539150971,"l3_proto":"ip4","src_ip":"160.71.213.140","dst_ip":"74.111.203.55","src_port":32482,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00590{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":587,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":587,"packets-processed":586,"total-skipped-flows":0,"total-l4-payload-len":29203,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":578,"total-detection-updates":0,"total-updates":99,"current-active-flows":1,"total-active-flows":578,"total-idle-flows":577,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2794,"global_ts_usec":1686825966772504} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":587,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":579,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686825966772504,"flow_src_last_pkt_time":1686825966772504,"flow_dst_last_pkt_time":1686825966772504,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686825966772504,"l3_proto":"ip4","src_ip":"33.216.90.56","dst_ip":"165.144.84.62","src_port":56415,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":587,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":579,"flow_packet_id":1,"flow_src_last_pkt_time":1686825966772504,"flow_dst_last_pkt_time":1686825966772504,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686825966772504,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbU4h2Fo4pZBUPtxfAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":587,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":579,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686825966772504,"flow_src_last_pkt_time":1686825966772504,"flow_dst_last_pkt_time":1686825966772504,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686825966772504,"l3_proto":"ip4","src_ip":"33.216.90.56","dst_ip":"165.144.84.62","src_port":56415,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":588,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":578,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686823539150971,"flow_src_last_pkt_time":1686823539150971,"flow_dst_last_pkt_time":1686823539150971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686825966772504,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"74.111.203.55","src_port":41415,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":588,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":580,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686826280078870,"flow_src_last_pkt_time":1686826280078870,"flow_dst_last_pkt_time":1686826280078870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686826280078870,"l3_proto":"ip4","src_ip":"154.129.123.124","dst_ip":"186.112.202.53","src_port":6873,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":588,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":580,"flow_packet_id":1,"flow_src_last_pkt_time":1686826280078870,"flow_dst_last_pkt_time":1686826280078870,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686826280078870,"pkt":"xmjqc4OdPJTVQTiBCABFAABL+tQAACcR2FGagXt8unDKNRrZAasANxRgAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":588,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":580,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686826280078870,"flow_src_last_pkt_time":1686826280078870,"flow_dst_last_pkt_time":1686826280078870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686826280078870,"l3_proto":"ip4","src_ip":"154.129.123.124","dst_ip":"186.112.202.53","src_port":6873,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":589,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":579,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686825966772504,"flow_src_last_pkt_time":1686825966772504,"flow_dst_last_pkt_time":1686825966772504,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686826280078870,"l3_proto":"ip4","src_ip":"33.216.90.56","dst_ip":"165.144.84.62","src_port":56415,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":589,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":581,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686826372484485,"flow_src_last_pkt_time":1686826372484485,"flow_dst_last_pkt_time":1686826372484485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686826372484485,"l3_proto":"ip4","src_ip":"210.12.216.151","dst_ip":"90.145.180.58","src_port":55745,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":589,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":581,"flow_packet_id":1,"flow_src_last_pkt_time":1686826372484485,"flow_dst_last_pkt_time":1686826372484485,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686826372484485,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPkRYDnSDNiXWpG0OtnBAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":589,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":581,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686826372484485,"flow_src_last_pkt_time":1686826372484485,"flow_dst_last_pkt_time":1686826372484485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686826372484485,"l3_proto":"ip4","src_ip":"210.12.216.151","dst_ip":"90.145.180.58","src_port":55745,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01114{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":590,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":580,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686826280078870,"flow_src_last_pkt_time":1686826280078870,"flow_dst_last_pkt_time":1686826280078870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686826372484485,"l3_proto":"ip4","src_ip":"154.129.123.124","dst_ip":"186.112.202.53","src_port":6873,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":590,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":590,"packets-processed":589,"total-skipped-flows":0,"total-l4-payload-len":29308,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":581,"total-detection-updates":0,"total-updates":100,"current-active-flows":2,"total-active-flows":581,"total-idle-flows":579,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2807,"global_ts_usec":1686827895727367} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":590,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":582,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686827895727367,"flow_src_last_pkt_time":1686827895727367,"flow_dst_last_pkt_time":1686827895727367,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686827895727367,"l3_proto":"ip4","src_ip":"65.20.223.151","dst_ip":"90.147.171.51","src_port":51977,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":590,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":582,"flow_packet_id":1,"flow_src_last_pkt_time":1686827895727367,"flow_dst_last_pkt_time":1686827895727367,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686827895727367,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbilBFN+XWpOrM8sJAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":590,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":582,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686827895727367,"flow_src_last_pkt_time":1686827895727367,"flow_dst_last_pkt_time":1686827895727367,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686827895727367,"l3_proto":"ip4","src_ip":"65.20.223.151","dst_ip":"90.147.171.51","src_port":51977,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":591,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":581,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686826372484485,"flow_src_last_pkt_time":1686826372484485,"flow_dst_last_pkt_time":1686826372484485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686827895727367,"l3_proto":"ip4","src_ip":"210.12.216.151","dst_ip":"90.145.180.58","src_port":55745,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":591,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":580,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686826280078870,"flow_src_last_pkt_time":1686826280078870,"flow_dst_last_pkt_time":1686826280078870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686827895727367,"l3_proto":"ip4","src_ip":"154.129.123.124","dst_ip":"186.112.202.53","src_port":6873,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":591,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":591,"packets-processed":590,"total-skipped-flows":0,"total-l4-payload-len":29337,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":582,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":582,"total-idle-flows":581,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2813,"global_ts_usec":1686831590603565} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":591,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":583,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686831590603565,"flow_src_last_pkt_time":1686831590603565,"flow_dst_last_pkt_time":1686831590603565,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686831590603565,"l3_proto":"ip4","src_ip":"88.31.110.219","dst_ip":"165.114.202.61","src_port":54342,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":591,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":583,"flow_packet_id":1,"flow_src_last_pkt_time":1686831590603565,"flow_dst_last_pkt_time":1686831590603565,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686831590603565,"pkt":"AAwp30Y4PJTVQTiBCABFCABL3soAACQR5ZVYH27bpXLKPdRGAasAN0k0AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":591,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":583,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686831590603565,"flow_src_last_pkt_time":1686831590603565,"flow_dst_last_pkt_time":1686831590603565,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686831590603565,"l3_proto":"ip4","src_ip":"88.31.110.219","dst_ip":"165.114.202.61","src_port":54342,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":592,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":582,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686827895727367,"flow_src_last_pkt_time":1686827895727367,"flow_dst_last_pkt_time":1686827895727367,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686831590603565,"l3_proto":"ip4","src_ip":"65.20.223.151","dst_ip":"90.147.171.51","src_port":51977,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":592,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":592,"packets-processed":591,"total-skipped-flows":0,"total-l4-payload-len":29384,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":583,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":583,"total-idle-flows":582,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2818,"global_ts_usec":1686834792524626} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":592,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":584,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686834792524626,"flow_src_last_pkt_time":1686834792524626,"flow_dst_last_pkt_time":1686834792524626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686834792524626,"l3_proto":"ip4","src_ip":"206.206.184.241","dst_ip":"69.109.187.54","src_port":50350,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":592,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":584,"flow_packet_id":1,"flow_src_last_pkt_time":1686834792524626,"flow_dst_last_pkt_time":1686834792524626,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686834792524626,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPkRX\/bOzrjxRW27NsSuAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":592,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":584,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686834792524626,"flow_src_last_pkt_time":1686834792524626,"flow_dst_last_pkt_time":1686834792524626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686834792524626,"l3_proto":"ip4","src_ip":"206.206.184.241","dst_ip":"69.109.187.54","src_port":50350,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":593,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":583,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686831590603565,"flow_src_last_pkt_time":1686831590603565,"flow_dst_last_pkt_time":1686831590603565,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686834792524626,"l3_proto":"ip4","src_ip":"88.31.110.219","dst_ip":"165.114.202.61","src_port":54342,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":593,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":585,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686834822514899,"flow_src_last_pkt_time":1686834822514899,"flow_dst_last_pkt_time":1686834822514899,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686834822514899,"l3_proto":"ip4","src_ip":"190.35.225.89","dst_ip":"85.111.52.57","src_port":52867,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":593,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":585,"flow_packet_id":1,"flow_src_last_pkt_time":1686834822514899,"flow_dst_last_pkt_time":1686834822514899,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686834822514899,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRbYW+I+FZVW80Oc6DAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":593,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":585,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686834822514899,"flow_src_last_pkt_time":1686834822514899,"flow_dst_last_pkt_time":1686834822514899,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686834822514899,"l3_proto":"ip4","src_ip":"190.35.225.89","dst_ip":"85.111.52.57","src_port":52867,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":594,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":594,"packets-processed":593,"total-skipped-flows":0,"total-l4-payload-len":29442,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":585,"total-detection-updates":0,"total-updates":100,"current-active-flows":2,"total-active-flows":585,"total-idle-flows":583,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2826,"global_ts_usec":1686835718979040} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":594,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":586,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686835718979040,"flow_src_last_pkt_time":1686835718979040,"flow_dst_last_pkt_time":1686835718979040,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686835718979040,"l3_proto":"ip4","src_ip":"227.7.178.223","dst_ip":"165.144.84.62","src_port":63301,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":594,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":586,"flow_packet_id":1,"flow_src_last_pkt_time":1686835718979040,"flow_dst_last_pkt_time":1686835718979040,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686835718979040,"pkt":"AAwp30Y4PJTVQTiBCABFCABL0T8AACQR8xzjB7LfpZBUPvdFAasANyYxAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":594,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":586,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686835718979040,"flow_src_last_pkt_time":1686835718979040,"flow_dst_last_pkt_time":1686835718979040,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686835718979040,"l3_proto":"ip4","src_ip":"227.7.178.223","dst_ip":"165.144.84.62","src_port":63301,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":584,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686834792524626,"flow_src_last_pkt_time":1686834792524626,"flow_dst_last_pkt_time":1686834792524626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686835718979040,"l3_proto":"ip4","src_ip":"206.206.184.241","dst_ip":"69.109.187.54","src_port":50350,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":585,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686834822514899,"flow_src_last_pkt_time":1686834822514899,"flow_dst_last_pkt_time":1686834822514899,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686835718979040,"l3_proto":"ip4","src_ip":"190.35.225.89","dst_ip":"85.111.52.57","src_port":52867,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":595,"packets-processed":594,"total-skipped-flows":0,"total-l4-payload-len":29489,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":586,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":586,"total-idle-flows":585,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2832,"global_ts_usec":1686837738680875} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":587,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686837738680875,"flow_src_last_pkt_time":1686837738680875,"flow_dst_last_pkt_time":1686837738680875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686837738680875,"l3_proto":"ip4","src_ip":"34.214.128.211","dst_ip":"74.111.203.55","src_port":50699,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":587,"flow_packet_id":1,"flow_src_last_pkt_time":1686837738680875,"flow_dst_last_pkt_time":1686837738680875,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686837738680875,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPkRbc0i1oDTSm\/LN8YLAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01076{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":587,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686837738680875,"flow_src_last_pkt_time":1686837738680875,"flow_dst_last_pkt_time":1686837738680875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686837738680875,"l3_proto":"ip4","src_ip":"34.214.128.211","dst_ip":"74.111.203.55","src_port":50699,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":596,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":586,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686835718979040,"flow_src_last_pkt_time":1686835718979040,"flow_dst_last_pkt_time":1686835718979040,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686837738680875,"l3_proto":"ip4","src_ip":"227.7.178.223","dst_ip":"165.144.84.62","src_port":63301,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":596,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":596,"packets-processed":595,"total-skipped-flows":0,"total-l4-payload-len":29518,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":587,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":587,"total-idle-flows":586,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2837,"global_ts_usec":1686840095634071} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":596,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":588,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686840095634071,"flow_src_last_pkt_time":1686840095634071,"flow_dst_last_pkt_time":1686840095634071,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686840095634071,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"85.111.52.57","src_port":44047,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":596,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":588,"flow_packet_id":1,"flow_src_last_pkt_time":1686840095634071,"flow_dst_last_pkt_time":1686840095634071,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686840095634071,"pkt":"moT+\/Ph8PJTVQTiBCABFCABSMJwAAGsR5fhDnxCWVW80OawPAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":596,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":588,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686840095634071,"flow_src_last_pkt_time":1686840095634071,"flow_dst_last_pkt_time":1686840095634071,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686840095634071,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"85.111.52.57","src_port":44047,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":597,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":587,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686837738680875,"flow_src_last_pkt_time":1686837738680875,"flow_dst_last_pkt_time":1686837738680875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686840095634071,"l3_proto":"ip4","src_ip":"34.214.128.211","dst_ip":"74.111.203.55","src_port":50699,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":597,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":597,"packets-processed":596,"total-skipped-flows":0,"total-l4-payload-len":29572,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":588,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":588,"total-idle-flows":587,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2842,"global_ts_usec":1686840886120988} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":597,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":589,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686840886120988,"flow_src_last_pkt_time":1686840886120988,"flow_dst_last_pkt_time":1686840886120988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686840886120988,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"74.111.203.55","src_port":38016,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":597,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":589,"flow_packet_id":1,"flow_src_last_pkt_time":1686840886120988,"flow_dst_last_pkt_time":1686840886120988,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686840886120988,"pkt":"ipffLU2SPJTVQTiBCABFCABL2jYAACQR6jfn33nVSm\/LN5SAAasAN4kIAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":597,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":589,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686840886120988,"flow_src_last_pkt_time":1686840886120988,"flow_dst_last_pkt_time":1686840886120988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686840886120988,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"74.111.203.55","src_port":38016,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":598,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":588,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686840095634071,"flow_src_last_pkt_time":1686840095634071,"flow_dst_last_pkt_time":1686840095634071,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686840886120988,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"85.111.52.57","src_port":44047,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":598,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":598,"packets-processed":597,"total-skipped-flows":0,"total-l4-payload-len":29619,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":589,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":589,"total-idle-flows":588,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2847,"global_ts_usec":1686854380719448} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":598,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":590,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686854380719448,"flow_src_last_pkt_time":1686854380719448,"flow_dst_last_pkt_time":1686854380719448,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686854380719448,"l3_proto":"ip4","src_ip":"218.225.124.29","dst_ip":"69.109.187.54","src_port":52381,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":598,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":590,"flow_packet_id":1,"flow_src_last_pkt_time":1686854380719448,"flow_dst_last_pkt_time":1686854380719448,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686854380719448,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPoRbEHa4XwdRW27NsydAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":598,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":590,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686854380719448,"flow_src_last_pkt_time":1686854380719448,"flow_dst_last_pkt_time":1686854380719448,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686854380719448,"l3_proto":"ip4","src_ip":"218.225.124.29","dst_ip":"69.109.187.54","src_port":52381,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":599,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":589,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686840886120988,"flow_src_last_pkt_time":1686840886120988,"flow_dst_last_pkt_time":1686840886120988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686854380719448,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"74.111.203.55","src_port":38016,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":599,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":599,"packets-processed":598,"total-skipped-flows":0,"total-l4-payload-len":29648,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":590,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":590,"total-idle-flows":589,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2852,"global_ts_usec":1686869889080815} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":599,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":591,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686869889080815,"flow_src_last_pkt_time":1686869889080815,"flow_dst_last_pkt_time":1686869889080815,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686869889080815,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":47273,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":599,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":591,"flow_packet_id":1,"flow_src_last_pkt_time":1686869889080815,"flow_dst_last_pkt_time":1686869889080815,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686869889080815,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPURKLvIH5CeSm\/LN7ipAasAJTHQAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":599,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":591,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686869889080815,"flow_src_last_pkt_time":1686869889080815,"flow_dst_last_pkt_time":1686869889080815,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686869889080815,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":47273,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":600,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":590,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686854380719448,"flow_src_last_pkt_time":1686854380719448,"flow_dst_last_pkt_time":1686854380719448,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686869889080815,"l3_proto":"ip4","src_ip":"218.225.124.29","dst_ip":"69.109.187.54","src_port":52381,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":600,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":592,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686870203714333,"flow_src_last_pkt_time":1686870203714333,"flow_dst_last_pkt_time":1686870203714333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686870203714333,"l3_proto":"ip4","src_ip":"49.45.160.215","dst_ip":"165.114.202.61","src_port":52110,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":600,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":592,"flow_packet_id":1,"flow_src_last_pkt_time":1686870203714333,"flow_dst_last_pkt_time":1686870203714333,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686870203714333,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXtoxLaDXpXLKPcuOAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":600,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":592,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686870203714333,"flow_src_last_pkt_time":1686870203714333,"flow_dst_last_pkt_time":1686870203714333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686870203714333,"l3_proto":"ip4","src_ip":"49.45.160.215","dst_ip":"165.114.202.61","src_port":52110,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":601,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":591,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686869889080815,"flow_src_last_pkt_time":1686869889080815,"flow_dst_last_pkt_time":1686869889080815,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686870203714333,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":47273,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":601,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":601,"packets-processed":600,"total-skipped-flows":0,"total-l4-payload-len":29706,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":592,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":592,"total-idle-flows":591,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2861,"global_ts_usec":1686871454458967} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":601,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":593,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686871454458967,"flow_src_last_pkt_time":1686871454458967,"flow_dst_last_pkt_time":1686871454458967,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686871454458967,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":56053,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":601,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":593,"flow_packet_id":1,"flow_src_last_pkt_time":1686871454458967,"flow_dst_last_pkt_time":1686871454458967,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686871454458967,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPURKLrIH5CeRW27Ntr1AasAJQ+DAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":601,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":593,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686871454458967,"flow_src_last_pkt_time":1686871454458967,"flow_dst_last_pkt_time":1686871454458967,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686871454458967,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":56053,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":602,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":592,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686870203714333,"flow_src_last_pkt_time":1686870203714333,"flow_dst_last_pkt_time":1686870203714333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686871454458967,"l3_proto":"ip4","src_ip":"49.45.160.215","dst_ip":"165.114.202.61","src_port":52110,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":602,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":602,"packets-processed":601,"total-skipped-flows":0,"total-l4-payload-len":29735,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":593,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":593,"total-idle-flows":592,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2866,"global_ts_usec":1686873049876707} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":602,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":594,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686873049876707,"flow_src_last_pkt_time":1686873049876707,"flow_dst_last_pkt_time":1686873049876707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686873049876707,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":44785,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":602,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":594,"flow_packet_id":1,"flow_src_last_pkt_time":1686873049876707,"flow_dst_last_pkt_time":1686873049876707,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686873049876707,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKL3IH5CeWpOrM67xAasAJTuKAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":602,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":594,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686873049876707,"flow_src_last_pkt_time":1686873049876707,"flow_dst_last_pkt_time":1686873049876707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686873049876707,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":44785,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":603,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":593,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686871454458967,"flow_src_last_pkt_time":1686871454458967,"flow_dst_last_pkt_time":1686871454458967,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686873049876707,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":56053,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":603,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":603,"packets-processed":602,"total-skipped-flows":0,"total-l4-payload-len":29764,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":594,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":594,"total-idle-flows":593,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2871,"global_ts_usec":1686874733087762} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":603,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":595,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686874733087762,"flow_src_last_pkt_time":1686874733087762,"flow_dst_last_pkt_time":1686874733087762,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686874733087762,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":54403,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":603,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":595,"flow_packet_id":1,"flow_src_last_pkt_time":1686874733087762,"flow_dst_last_pkt_time":1686874733087762,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686874733087762,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPURKLfIH5CeWo0lONSDAasAJRXyAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":603,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":595,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686874733087762,"flow_src_last_pkt_time":1686874733087762,"flow_dst_last_pkt_time":1686874733087762,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686874733087762,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":54403,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":604,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":594,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686873049876707,"flow_src_last_pkt_time":1686873049876707,"flow_dst_last_pkt_time":1686873049876707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686874733087762,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":44785,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":604,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":596,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686875253404813,"flow_src_last_pkt_time":1686875253404813,"flow_dst_last_pkt_time":1686875253404813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686875253404813,"l3_proto":"ip4","src_ip":"152.255.170.124","dst_ip":"85.111.52.57","src_port":5941,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":604,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":596,"flow_packet_id":1,"flow_src_last_pkt_time":1686875253404813,"flow_dst_last_pkt_time":1686875253404813,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686875253404813,"pkt":"moT+\/Ph8PJTVQTiBCABFCABLoTQAACIRKX2Y\/6p8VW80ORc1AasANwqXAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":604,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":596,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686875253404813,"flow_src_last_pkt_time":1686875253404813,"flow_dst_last_pkt_time":1686875253404813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686875253404813,"l3_proto":"ip4","src_ip":"152.255.170.124","dst_ip":"85.111.52.57","src_port":5941,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":595,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686874733087762,"flow_src_last_pkt_time":1686874733087762,"flow_dst_last_pkt_time":1686874733087762,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686875253404813,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":54403,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":605,"packets-processed":604,"total-skipped-flows":0,"total-l4-payload-len":29840,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":596,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":596,"total-idle-flows":595,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2880,"global_ts_usec":1686875903844766} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":597,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686875903844766,"flow_src_last_pkt_time":1686875903844766,"flow_dst_last_pkt_time":1686875903844766,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686875903844766,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":41849,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":597,"flow_packet_id":1,"flow_src_last_pkt_time":1686875903844766,"flow_dst_last_pkt_time":1686875903844766,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686875903844766,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLzIH5CeWm\/UMqN5AasAJUcBAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":597,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686875903844766,"flow_src_last_pkt_time":1686875903844766,"flow_dst_last_pkt_time":1686875903844766,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686875903844766,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":41849,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":596,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686875253404813,"flow_src_last_pkt_time":1686875253404813,"flow_dst_last_pkt_time":1686875253404813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686875903844766,"l3_proto":"ip4","src_ip":"152.255.170.124","dst_ip":"85.111.52.57","src_port":5941,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":606,"packets-processed":605,"total-skipped-flows":0,"total-l4-payload-len":29869,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":597,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":597,"total-idle-flows":596,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2885,"global_ts_usec":1686876990016671} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":598,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686876990016671,"flow_src_last_pkt_time":1686876990016671,"flow_dst_last_pkt_time":1686876990016671,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686876990016671,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":55801,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":598,"flow_packet_id":1,"flow_src_last_pkt_time":1686876990016671,"flow_dst_last_pkt_time":1686876990016671,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686876990016671,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLHIH5CepXLKPdn5AasAJRB2AgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":598,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686876990016671,"flow_src_last_pkt_time":1686876990016671,"flow_dst_last_pkt_time":1686876990016671,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686876990016671,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":55801,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":607,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":597,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686875903844766,"flow_src_last_pkt_time":1686875903844766,"flow_dst_last_pkt_time":1686875903844766,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686876990016671,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":41849,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":607,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":607,"packets-processed":606,"total-skipped-flows":0,"total-l4-payload-len":29898,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":598,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":598,"total-idle-flows":597,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2890,"global_ts_usec":1686878041820268} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":607,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":599,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686878041820268,"flow_src_last_pkt_time":1686878041820268,"flow_dst_last_pkt_time":1686878041820268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686878041820268,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":59938,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":607,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":599,"flow_packet_id":1,"flow_src_last_pkt_time":1686878041820268,"flow_dst_last_pkt_time":1686878041820268,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686878041820268,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLLIH5CepZBUPuoiAasAJQBOAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":607,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":599,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686878041820268,"flow_src_last_pkt_time":1686878041820268,"flow_dst_last_pkt_time":1686878041820268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686878041820268,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":59938,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":598,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686876990016671,"flow_src_last_pkt_time":1686876990016671,"flow_dst_last_pkt_time":1686876990016671,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686878041820268,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":55801,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":608,"packets-processed":607,"total-skipped-flows":0,"total-l4-payload-len":29927,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":599,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":599,"total-idle-flows":598,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2895,"global_ts_usec":1686879129948527} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":600,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686879129948527,"flow_src_last_pkt_time":1686879129948527,"flow_dst_last_pkt_time":1686879129948527,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686879129948527,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"90.147.171.51","src_port":42800,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":600,"flow_packet_id":1,"flow_src_last_pkt_time":1686879129948527,"flow_dst_last_pkt_time":1686879129948527,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686879129948527,"pkt":"AAwp30Y4PJTVQTiBCABFAABLl1IAACcRO9qdePx7WpOrM6cwAasAN4gOAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":600,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686879129948527,"flow_src_last_pkt_time":1686879129948527,"flow_dst_last_pkt_time":1686879129948527,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686879129948527,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"90.147.171.51","src_port":42800,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":609,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":599,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686878041820268,"flow_src_last_pkt_time":1686878041820268,"flow_dst_last_pkt_time":1686878041820268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686879129948527,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":59938,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":609,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":609,"packets-processed":608,"total-skipped-flows":0,"total-l4-payload-len":29974,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":600,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":600,"total-idle-flows":599,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2900,"global_ts_usec":1686883384416005} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":609,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":601,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686883384416005,"flow_src_last_pkt_time":1686883384416005,"flow_dst_last_pkt_time":1686883384416005,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686883384416005,"l3_proto":"ip4","src_ip":"155.185.93.215","dst_ip":"165.144.84.62","src_port":16031,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":609,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":601,"flow_packet_id":1,"flow_src_last_pkt_time":1686883384416005,"flow_dst_last_pkt_time":1686883384416005,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686883384416005,"pkt":"AAwp30Y4PJTVQTiBCABFCABLS3QAACMRefObuV3XpZBUPj6fAasAN97iAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":609,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":601,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686883384416005,"flow_src_last_pkt_time":1686883384416005,"flow_dst_last_pkt_time":1686883384416005,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686883384416005,"l3_proto":"ip4","src_ip":"155.185.93.215","dst_ip":"165.144.84.62","src_port":16031,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":610,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":600,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686879129948527,"flow_src_last_pkt_time":1686879129948527,"flow_dst_last_pkt_time":1686879129948527,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686883384416005,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"90.147.171.51","src_port":42800,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":610,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":610,"packets-processed":609,"total-skipped-flows":0,"total-l4-payload-len":30021,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":601,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":601,"total-idle-flows":600,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2905,"global_ts_usec":1686884068384734} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":610,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":602,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686884068384734,"flow_src_last_pkt_time":1686884068384734,"flow_dst_last_pkt_time":1686884068384734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686884068384734,"l3_proto":"ip4","src_ip":"174.50.7.11","dst_ip":"186.112.202.53","src_port":49286,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":610,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":602,"flow_packet_id":1,"flow_src_last_pkt_time":1686884068384734,"flow_dst_last_pkt_time":1686884068384734,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686884068384734,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRX1OuMgcLunDKNcCGAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":610,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":602,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686884068384734,"flow_src_last_pkt_time":1686884068384734,"flow_dst_last_pkt_time":1686884068384734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686884068384734,"l3_proto":"ip4","src_ip":"174.50.7.11","dst_ip":"186.112.202.53","src_port":49286,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":601,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686883384416005,"flow_src_last_pkt_time":1686883384416005,"flow_dst_last_pkt_time":1686883384416005,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686884068384734,"l3_proto":"ip4","src_ip":"155.185.93.215","dst_ip":"165.144.84.62","src_port":16031,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":611,"packets-processed":610,"total-skipped-flows":0,"total-l4-payload-len":30050,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":602,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":602,"total-idle-flows":601,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2910,"global_ts_usec":1686887976934834} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":603,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686887976934834,"flow_src_last_pkt_time":1686887976934834,"flow_dst_last_pkt_time":1686887976934834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686887976934834,"l3_proto":"ip4","src_ip":"89.214.56.129","dst_ip":"74.111.203.55","src_port":54129,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":603,"flow_packet_id":1,"flow_src_last_pkt_time":1686887976934834,"flow_dst_last_pkt_time":1686887976934834,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686887976934834,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPoRbRJZ1jiBSm\/LN9NxAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":603,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686887976934834,"flow_src_last_pkt_time":1686887976934834,"flow_dst_last_pkt_time":1686887976934834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686887976934834,"l3_proto":"ip4","src_ip":"89.214.56.129","dst_ip":"74.111.203.55","src_port":54129,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":612,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":602,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686884068384734,"flow_src_last_pkt_time":1686884068384734,"flow_dst_last_pkt_time":1686884068384734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686887976934834,"l3_proto":"ip4","src_ip":"174.50.7.11","dst_ip":"186.112.202.53","src_port":49286,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":612,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":612,"packets-processed":611,"total-skipped-flows":0,"total-l4-payload-len":30079,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":603,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":603,"total-idle-flows":602,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2915,"global_ts_usec":1686889052799486} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":612,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":604,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686889052799486,"flow_src_last_pkt_time":1686889052799486,"flow_dst_last_pkt_time":1686889052799486,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686889052799486,"l3_proto":"ip4","src_ip":"166.209.36.168","dst_ip":"90.141.37.56","src_port":54765,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":612,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":604,"flow_packet_id":1,"flow_src_last_pkt_time":1686889052799486,"flow_dst_last_pkt_time":1686889052799486,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686889052799486,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPkRbgOm0SSoWo0lONXtAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":612,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":604,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686889052799486,"flow_src_last_pkt_time":1686889052799486,"flow_dst_last_pkt_time":1686889052799486,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686889052799486,"l3_proto":"ip4","src_ip":"166.209.36.168","dst_ip":"90.141.37.56","src_port":54765,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":613,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":603,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686887976934834,"flow_src_last_pkt_time":1686887976934834,"flow_dst_last_pkt_time":1686887976934834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686889052799486,"l3_proto":"ip4","src_ip":"89.214.56.129","dst_ip":"74.111.203.55","src_port":54129,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":613,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":613,"packets-processed":612,"total-skipped-flows":0,"total-l4-payload-len":30108,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":604,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":604,"total-idle-flows":603,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2920,"global_ts_usec":1686891665856707} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":613,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":605,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891665856707,"flow_src_last_pkt_time":1686891665856707,"flow_dst_last_pkt_time":1686891665856707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686891665856707,"l3_proto":"ip4","src_ip":"70.191.37.189","dst_ip":"90.145.180.58","src_port":53867,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":613,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":605,"flow_packet_id":1,"flow_src_last_pkt_time":1686891665856707,"flow_dst_last_pkt_time":1686891665856707,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686891665856707,"pkt":"bs1PogZtPJTVQTiBCABFAAA+4yBAADQRvaRGvyW9WpG0OtJrAasAKvcVAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":613,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":605,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891665856707,"flow_src_last_pkt_time":1686891665856707,"flow_dst_last_pkt_time":1686891665856707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686891665856707,"l3_proto":"ip4","src_ip":"70.191.37.189","dst_ip":"90.145.180.58","src_port":53867,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":614,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":604,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686889052799486,"flow_src_last_pkt_time":1686889052799486,"flow_dst_last_pkt_time":1686889052799486,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686891665856707,"l3_proto":"ip4","src_ip":"166.209.36.168","dst_ip":"90.141.37.56","src_port":54765,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":614,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":606,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891861875895,"flow_src_last_pkt_time":1686891861875895,"flow_dst_last_pkt_time":1686891861875895,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686891861875895,"l3_proto":"ip4","src_ip":"166.70.59.181","dst_ip":"69.109.187.54","src_port":28945,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":614,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":606,"flow_packet_id":1,"flow_src_last_pkt_time":1686891861875895,"flow_dst_last_pkt_time":1686891861875895,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686891861875895,"pkt":"bpHurUgdPJTVQTiBCABFAAA+orpAADQR\/humRju1RW27NnERAasAKliBAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":614,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":606,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891861875895,"flow_src_last_pkt_time":1686891861875895,"flow_dst_last_pkt_time":1686891861875895,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686891861875895,"l3_proto":"ip4","src_ip":"166.70.59.181","dst_ip":"69.109.187.54","src_port":28945,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":615,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":605,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891665856707,"flow_src_last_pkt_time":1686891665856707,"flow_dst_last_pkt_time":1686891665856707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686891861875895,"l3_proto":"ip4","src_ip":"70.191.37.189","dst_ip":"90.145.180.58","src_port":53867,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":615,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":607,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891930334421,"flow_src_last_pkt_time":1686891930334421,"flow_dst_last_pkt_time":1686891930334421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686891930334421,"l3_proto":"ip4","src_ip":"88.192.213.176","dst_ip":"165.114.202.61","src_port":12807,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":615,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":607,"flow_packet_id":1,"flow_src_last_pkt_time":1686891930334421,"flow_dst_last_pkt_time":1686891930334421,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686891930334421,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+IGlAADQRgGBYwNWwpXLKPTIHAasAKpd+AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":615,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":607,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891930334421,"flow_src_last_pkt_time":1686891930334421,"flow_dst_last_pkt_time":1686891930334421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686891930334421,"l3_proto":"ip4","src_ip":"88.192.213.176","dst_ip":"165.114.202.61","src_port":12807,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":616,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":606,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891861875895,"flow_src_last_pkt_time":1686891861875895,"flow_dst_last_pkt_time":1686891861875895,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686891930334421,"l3_proto":"ip4","src_ip":"166.70.59.181","dst_ip":"69.109.187.54","src_port":28945,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":616,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":608,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891994836858,"flow_src_last_pkt_time":1686891994836858,"flow_dst_last_pkt_time":1686891994836858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686891994836858,"l3_proto":"ip4","src_ip":"88.192.213.176","dst_ip":"165.144.84.62","src_port":12807,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":616,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":608,"flow_packet_id":1,"flow_src_last_pkt_time":1686891994836858,"flow_dst_last_pkt_time":1686891994836858,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686891994836858,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+7LdAADQRtBJYwNWwpZBUPjIHAasAKpd\/AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":616,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":608,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891994836858,"flow_src_last_pkt_time":1686891994836858,"flow_dst_last_pkt_time":1686891994836858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686891994836858,"l3_proto":"ip4","src_ip":"88.192.213.176","dst_ip":"165.144.84.62","src_port":12807,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":617,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":606,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891861875895,"flow_src_last_pkt_time":1686891861875895,"flow_dst_last_pkt_time":1686891861875895,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686891994836858,"l3_proto":"ip4","src_ip":"166.70.59.181","dst_ip":"69.109.187.54","src_port":28945,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01114{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":617,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":607,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891930334421,"flow_src_last_pkt_time":1686891930334421,"flow_dst_last_pkt_time":1686891930334421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686891994836858,"l3_proto":"ip4","src_ip":"88.192.213.176","dst_ip":"165.114.202.61","src_port":12807,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":617,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":609,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686892196221763,"flow_src_last_pkt_time":1686892196221763,"flow_dst_last_pkt_time":1686892196221763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686892196221763,"l3_proto":"ip4","src_ip":"95.185.37.180","dst_ip":"85.111.52.57","src_port":56601,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":617,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":609,"flow_packet_id":1,"flow_src_last_pkt_time":1686892196221763,"flow_dst_last_pkt_time":1686892196221763,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686892196221763,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+hAdAADQRHMpfuSW0VW80Od0ZAasAKuxzAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":617,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":609,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686892196221763,"flow_src_last_pkt_time":1686892196221763,"flow_dst_last_pkt_time":1686892196221763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686892196221763,"l3_proto":"ip4","src_ip":"95.185.37.180","dst_ip":"85.111.52.57","src_port":56601,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":608,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891994836858,"flow_src_last_pkt_time":1686891994836858,"flow_dst_last_pkt_time":1686891994836858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686892196221763,"l3_proto":"ip4","src_ip":"88.192.213.176","dst_ip":"165.144.84.62","src_port":12807,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":606,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891861875895,"flow_src_last_pkt_time":1686891861875895,"flow_dst_last_pkt_time":1686891861875895,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686892196221763,"l3_proto":"ip4","src_ip":"166.70.59.181","dst_ip":"69.109.187.54","src_port":28945,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":607,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891930334421,"flow_src_last_pkt_time":1686891930334421,"flow_dst_last_pkt_time":1686891930334421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686892196221763,"l3_proto":"ip4","src_ip":"88.192.213.176","dst_ip":"165.114.202.61","src_port":12807,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":618,"packets-processed":617,"total-skipped-flows":0,"total-l4-payload-len":30278,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":609,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":609,"total-idle-flows":608,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2944,"global_ts_usec":1686893335451836} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":610,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686893335451836,"flow_src_last_pkt_time":1686893335451836,"flow_dst_last_pkt_time":1686893335451836,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686893335451836,"l3_proto":"ip4","src_ip":"88.63.218.184","dst_ip":"186.112.202.53","src_port":57760,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":610,"flow_packet_id":1,"flow_src_last_pkt_time":1686893335451836,"flow_dst_last_pkt_time":1686893335451836,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686893335451836,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+KW1AADQRd2JYP9q4unDKNeGgAasAKufqAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":610,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686893335451836,"flow_src_last_pkt_time":1686893335451836,"flow_dst_last_pkt_time":1686893335451836,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686893335451836,"l3_proto":"ip4","src_ip":"88.63.218.184","dst_ip":"186.112.202.53","src_port":57760,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":619,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":609,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686892196221763,"flow_src_last_pkt_time":1686892196221763,"flow_dst_last_pkt_time":1686892196221763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686893335451836,"l3_proto":"ip4","src_ip":"95.185.37.180","dst_ip":"85.111.52.57","src_port":56601,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":619,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":619,"packets-processed":618,"total-skipped-flows":0,"total-l4-payload-len":30312,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":610,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":610,"total-idle-flows":609,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2949,"global_ts_usec":1686894095858225} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":619,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":611,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686894095858225,"flow_src_last_pkt_time":1686894095858225,"flow_dst_last_pkt_time":1686894095858225,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686894095858225,"l3_proto":"ip4","src_ip":"95.190.219.185","dst_ip":"90.111.212.50","src_port":65399,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":619,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":611,"flow_packet_id":1,"flow_src_last_pkt_time":1686894095858225,"flow_dst_last_pkt_time":1686894095858225,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686894095858225,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+DzlAADQRkZhfvtu5Wm\/UMv93AasAKsoVAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":619,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":611,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686894095858225,"flow_src_last_pkt_time":1686894095858225,"flow_dst_last_pkt_time":1686894095858225,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686894095858225,"l3_proto":"ip4","src_ip":"95.190.219.185","dst_ip":"90.111.212.50","src_port":65399,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":620,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":610,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686893335451836,"flow_src_last_pkt_time":1686893335451836,"flow_dst_last_pkt_time":1686893335451836,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686894095858225,"l3_proto":"ip4","src_ip":"88.63.218.184","dst_ip":"186.112.202.53","src_port":57760,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":620,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":612,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686894584993003,"flow_src_last_pkt_time":1686894584993003,"flow_dst_last_pkt_time":1686894584993003,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686894584993003,"l3_proto":"ip4","src_ip":"71.64.36.183","dst_ip":"90.147.171.51","src_port":43664,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":620,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":612,"flow_packet_id":1,"flow_src_last_pkt_time":1686894584993003,"flow_dst_last_pkt_time":1686894584993003,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686894584993003,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+H1JAADQRgYlHQCS3WpOrM6qQAasAKh8HAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":620,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":612,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686894584993003,"flow_src_last_pkt_time":1686894584993003,"flow_dst_last_pkt_time":1686894584993003,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686894584993003,"l3_proto":"ip4","src_ip":"71.64.36.183","dst_ip":"90.147.171.51","src_port":43664,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":621,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":611,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686894095858225,"flow_src_last_pkt_time":1686894095858225,"flow_dst_last_pkt_time":1686894095858225,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686894584993003,"l3_proto":"ip4","src_ip":"95.190.219.185","dst_ip":"90.111.212.50","src_port":65399,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":621,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":613,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686894627287214,"flow_src_last_pkt_time":1686894627287214,"flow_dst_last_pkt_time":1686894627287214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686894627287214,"l3_proto":"ip4","src_ip":"64.56.203.178","dst_ip":"74.111.203.55","src_port":58318,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":621,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":613,"flow_packet_id":1,"flow_src_last_pkt_time":1686894627287214,"flow_dst_last_pkt_time":1686894627287214,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686894627287214,"pkt":"ipffLU2SPJTVQTiBCABFAAA+zylAADQR0apAOMuySm\/LN+POAasAKuXBAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":621,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":613,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686894627287214,"flow_src_last_pkt_time":1686894627287214,"flow_dst_last_pkt_time":1686894627287214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686894627287214,"l3_proto":"ip4","src_ip":"64.56.203.178","dst_ip":"74.111.203.55","src_port":58318,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":622,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":622,"packets-processed":621,"total-skipped-flows":0,"total-l4-payload-len":30414,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":613,"total-detection-updates":0,"total-updates":103,"current-active-flows":2,"total-active-flows":613,"total-idle-flows":611,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2961,"global_ts_usec":1686895136332318} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":622,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":614,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686895136332318,"flow_src_last_pkt_time":1686895136332318,"flow_dst_last_pkt_time":1686895136332318,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686895136332318,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"69.109.187.54","src_port":43680,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":622,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":614,"flow_packet_id":1,"flow_src_last_pkt_time":1686895136332318,"flow_dst_last_pkt_time":1686895136332318,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686895136332318,"pkt":"bpHurUgdPJTVQTiBCABFAABLZR8AACcRbf1dZnxwRW27NqqgAasAN4SOAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":622,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":614,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686895136332318,"flow_src_last_pkt_time":1686895136332318,"flow_dst_last_pkt_time":1686895136332318,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686895136332318,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"69.109.187.54","src_port":43680,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":613,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686894627287214,"flow_src_last_pkt_time":1686894627287214,"flow_dst_last_pkt_time":1686894627287214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686895136332318,"l3_proto":"ip4","src_ip":"64.56.203.178","dst_ip":"74.111.203.55","src_port":58318,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":612,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686894584993003,"flow_src_last_pkt_time":1686894584993003,"flow_dst_last_pkt_time":1686894584993003,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686895136332318,"l3_proto":"ip4","src_ip":"71.64.36.183","dst_ip":"90.147.171.51","src_port":43664,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":623,"packets-processed":622,"total-skipped-flows":0,"total-l4-payload-len":30461,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":614,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":614,"total-idle-flows":613,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2967,"global_ts_usec":1686900080044444} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":615,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686900080044444,"flow_src_last_pkt_time":1686900080044444,"flow_dst_last_pkt_time":1686900080044444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686900080044444,"l3_proto":"ip4","src_ip":"185.27.37.156","dst_ip":"90.145.180.58","src_port":54712,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":615,"flow_packet_id":1,"flow_src_last_pkt_time":1686900080044444,"flow_dst_last_pkt_time":1686900080044444,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686900080044444,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPkRbia5GyWcWpG0OtW4AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":615,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686900080044444,"flow_src_last_pkt_time":1686900080044444,"flow_dst_last_pkt_time":1686900080044444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686900080044444,"l3_proto":"ip4","src_ip":"185.27.37.156","dst_ip":"90.145.180.58","src_port":54712,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":614,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686895136332318,"flow_src_last_pkt_time":1686895136332318,"flow_dst_last_pkt_time":1686895136332318,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686900080044444,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"69.109.187.54","src_port":43680,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":624,"packets-processed":623,"total-skipped-flows":0,"total-l4-payload-len":30490,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":615,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":615,"total-idle-flows":614,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2972,"global_ts_usec":1686903641258422} +00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":616,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686903641258422,"flow_src_last_pkt_time":1686903641258422,"flow_dst_last_pkt_time":1686903641258422,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686903641258422,"l3_proto":"ip4","src_ip":"186.213.158.225","dst_ip":"90.111.212.50","src_port":53551,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":616,"flow_packet_id":1,"flow_src_last_pkt_time":1686903641258422,"flow_dst_last_pkt_time":1686903641258422,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686903641258422,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbOK61Z7hWm\/UMtEvAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01073{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":616,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686903641258422,"flow_src_last_pkt_time":1686903641258422,"flow_dst_last_pkt_time":1686903641258422,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686903641258422,"l3_proto":"ip4","src_ip":"186.213.158.225","dst_ip":"90.111.212.50","src_port":53551,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":615,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686900080044444,"flow_src_last_pkt_time":1686900080044444,"flow_dst_last_pkt_time":1686900080044444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686903641258422,"l3_proto":"ip4","src_ip":"185.27.37.156","dst_ip":"90.145.180.58","src_port":54712,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":625,"packets-processed":624,"total-skipped-flows":0,"total-l4-payload-len":30519,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":616,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":616,"total-idle-flows":615,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2977,"global_ts_usec":1686910566541526} +00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":617,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686910566541526,"flow_src_last_pkt_time":1686910566541526,"flow_dst_last_pkt_time":1686910566541526,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686910566541526,"l3_proto":"ip4","src_ip":"167.7.154.125","dst_ip":"90.141.37.56","src_port":55642,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":617,"flow_packet_id":1,"flow_src_last_pkt_time":1686910566541526,"flow_dst_last_pkt_time":1686910566541526,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686910566541526,"pkt":"3jHC4dyOPJTVQTiBCABFCABL+kUAACIR0GunB5p9Wo0lONlaAasAN0hxAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} +01070{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":617,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686910566541526,"flow_src_last_pkt_time":1686910566541526,"flow_dst_last_pkt_time":1686910566541526,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686910566541526,"l3_proto":"ip4","src_ip":"167.7.154.125","dst_ip":"90.141.37.56","src_port":55642,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":626,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":616,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686903641258422,"flow_src_last_pkt_time":1686903641258422,"flow_dst_last_pkt_time":1686903641258422,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686910566541526,"l3_proto":"ip4","src_ip":"186.213.158.225","dst_ip":"90.111.212.50","src_port":53551,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":626,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":626,"packets-processed":625,"total-skipped-flows":0,"total-l4-payload-len":30566,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":617,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":617,"total-idle-flows":616,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2982,"global_ts_usec":1686916643605858} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":626,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":618,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686916643605858,"flow_src_last_pkt_time":1686916643605858,"flow_dst_last_pkt_time":1686916643605858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686916643605858,"l3_proto":"ip4","src_ip":"70.216.186.103","dst_ip":"90.147.171.51","src_port":52251,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":626,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":618,"flow_packet_id":1,"flow_src_last_pkt_time":1686916643605858,"flow_dst_last_pkt_time":1686916643605858,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686916643605858,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbZlG2LpnWpOrM8wbAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":626,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":618,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686916643605858,"flow_src_last_pkt_time":1686916643605858,"flow_dst_last_pkt_time":1686916643605858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686916643605858,"l3_proto":"ip4","src_ip":"70.216.186.103","dst_ip":"90.147.171.51","src_port":52251,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01109{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":627,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":617,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686910566541526,"flow_src_last_pkt_time":1686910566541526,"flow_dst_last_pkt_time":1686910566541526,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686916643605858,"l3_proto":"ip4","src_ip":"167.7.154.125","dst_ip":"90.141.37.56","src_port":55642,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":627,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":619,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686916678686629,"flow_src_last_pkt_time":1686916678686629,"flow_dst_last_pkt_time":1686916678686629,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686916678686629,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.114.202.61","src_port":26319,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":627,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":619,"flow_packet_id":1,"flow_src_last_pkt_time":1686916678686629,"flow_dst_last_pkt_time":1686916678686629,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686916678686629,"pkt":"AAwp30Y4PJTVQTiBCABFCABS3OcAAGsROahDnxCWpXLKPWbPAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} +01072{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":627,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":619,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686916678686629,"flow_src_last_pkt_time":1686916678686629,"flow_dst_last_pkt_time":1686916678686629,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686916678686629,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.114.202.61","src_port":26319,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00591{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":628,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":628,"packets-processed":627,"total-skipped-flows":0,"total-l4-payload-len":30649,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":619,"total-detection-updates":0,"total-updates":103,"current-active-flows":2,"total-active-flows":619,"total-idle-flows":617,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2990,"global_ts_usec":1686918716711404} +00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":628,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":620,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686918716711404,"flow_src_last_pkt_time":1686918716711404,"flow_dst_last_pkt_time":1686918716711404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686918716711404,"l3_proto":"ip4","src_ip":"58.22.67.22","dst_ip":"85.111.52.57","src_port":52092,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":628,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":620,"flow_packet_id":1,"flow_src_last_pkt_time":1686918716711404,"flow_dst_last_pkt_time":1686918716711404,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686918716711404,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPoRbEQ6FkMWVW80Oct8AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01068{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":628,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":620,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686918716711404,"flow_src_last_pkt_time":1686918716711404,"flow_dst_last_pkt_time":1686918716711404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686918716711404,"l3_proto":"ip4","src_ip":"58.22.67.22","dst_ip":"85.111.52.57","src_port":52092,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":618,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686916643605858,"flow_src_last_pkt_time":1686916643605858,"flow_dst_last_pkt_time":1686916643605858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686918716711404,"l3_proto":"ip4","src_ip":"70.216.186.103","dst_ip":"90.147.171.51","src_port":52251,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01111{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":619,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686916678686629,"flow_src_last_pkt_time":1686916678686629,"flow_dst_last_pkt_time":1686916678686629,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686918716711404,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.114.202.61","src_port":26319,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":621,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686919264737057,"flow_src_last_pkt_time":1686919264737057,"flow_dst_last_pkt_time":1686919264737057,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686919264737057,"l3_proto":"ip4","src_ip":"217.39.155.99","dst_ip":"165.144.84.62","src_port":51503,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} +00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":621,"flow_packet_id":1,"flow_src_last_pkt_time":1686919264737057,"flow_dst_last_pkt_time":1686919264737057,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686919264737057,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbIrZJ5tjpZBUPskvAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} +01071{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":621,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686919264737057,"flow_src_last_pkt_time":1686919264737057,"flow_dst_last_pkt_time":1686919264737057,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686919264737057,"l3_proto":"ip4","src_ip":"217.39.155.99","dst_ip":"165.144.84.62","src_port":51503,"dst_port":427,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01107{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":620,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686918716711404,"flow_src_last_pkt_time":1686918716711404,"flow_dst_last_pkt_time":1686918716711404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686919264737057,"l3_proto":"ip4","src_ip":"58.22.67.22","dst_ip":"85.111.52.57","src_port":52092,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +01110{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":621,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686919264737057,"flow_src_last_pkt_time":1686919264737057,"flow_dst_last_pkt_time":1686919264737057,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686919264737057,"l3_proto":"ip4","src_ip":"217.39.155.99","dst_ip":"165.144.84.62","src_port":51503,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} +00593{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","packets-captured":629,"packets-processed":629,"total-skipped-flows":0,"total-l4-payload-len":30707,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":621,"total-detection-updates":0,"total-updates":103,"current-active-flows":0,"total-active-flows":621,"total-idle-flows":621,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":3001,"global_ts_usec":1686919264737057} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 629/629 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 30707 bytes +~~ total detected protocols..: 621 +~~ total active/idle flows...: 621/621 +~~ total timeout flows.......: 0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 9116754 bytes +~~ total memory freed........: 9116754 bytes +~~ total allocations/frees...: 153820/153820 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ json string min len.......: 512 chars +~~ json string max len.......: 1125 chars +~~ json string avg len.......: 818 chars diff --git a/test/results/default/ssdp-m-search-ua.pcap.out b/test/results/default/ssdp-m-search-ua.pcap.out index 1b0a44cc9..07d3ea429 100644 --- a/test/results/default/ssdp-m-search-ua.pcap.out +++ b/test/results/default/ssdp-m-search-ua.pcap.out @@ -16,9 +16,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593884 bytes -~~ total memory freed........: 7593884 bytes -~~ total allocations/frees...: 142694/142694 +~~ total memory allocated....: 7766877 bytes +~~ total memory freed........: 7766877 bytes +~~ total allocations/frees...: 146375/146375 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 522 chars ~~ json string max len.......: 984 chars diff --git a/test/results/default/ssdp-m-search.pcap.out b/test/results/default/ssdp-m-search.pcap.out index 369ffff91..c98adbe48 100644 --- a/test/results/default/ssdp-m-search.pcap.out +++ b/test/results/default/ssdp-m-search.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594283 bytes -~~ total memory freed........: 7594283 bytes -~~ total allocations/frees...: 142708/142708 +~~ total memory allocated....: 7767276 bytes +~~ total memory freed........: 7767276 bytes +~~ total allocations/frees...: 146389/146389 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 983 chars diff --git a/test/results/default/ssh.pcap.out b/test/results/default/ssh.pcap.out index cb6070c66..c27d4b40c 100644 --- a/test/results/default/ssh.pcap.out +++ b/test/results/default/ssh.pcap.out @@ -22,9 +22,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7603294 bytes -~~ total memory freed........: 7603294 bytes -~~ total allocations/frees...: 142954/142954 +~~ total memory allocated....: 7776287 bytes +~~ total memory freed........: 7776287 bytes +~~ total allocations/frees...: 146635/146635 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 2430 chars diff --git a/test/results/default/ssl-cert-name-mismatch.pcap.out b/test/results/default/ssl-cert-name-mismatch.pcap.out index 588c36f69..eafeab640 100644 --- a/test/results/default/ssl-cert-name-mismatch.pcap.out +++ b/test/results/default/ssl-cert-name-mismatch.pcap.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604634 bytes -~~ total memory freed........: 7604634 bytes -~~ total allocations/frees...: 142721/142721 +~~ total memory allocated....: 7777627 bytes +~~ total memory freed........: 7777627 bytes +~~ total allocations/frees...: 146402/146402 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 528 chars ~~ json string max len.......: 1508 chars diff --git a/test/results/default/starcraft_battle.pcap.out b/test/results/default/starcraft_battle.pcap.out index 9b55d25d8..b1afbf51c 100644 --- a/test/results/default/starcraft_battle.pcap.out +++ b/test/results/default/starcraft_battle.pcap.out @@ -385,9 +385,9 @@ ~~ total active/idle flows...: 52/52 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7754289 bytes -~~ total memory freed........: 7754289 bytes -~~ total allocations/frees...: 144160/144160 +~~ total memory allocated....: 7928506 bytes +~~ total memory freed........: 7928506 bytes +~~ total allocations/frees...: 147841/147841 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 310 chars ~~ json string max len.......: 2402 chars diff --git a/test/results/default/steam.pcap.out b/test/results/default/steam.pcap.out index e5088e323..487a273f1 100644 --- a/test/results/default/steam.pcap.out +++ b/test/results/default/steam.pcap.out @@ -272,9 +272,9 @@ ~~ total active/idle flows...: 55/55 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7711472 bytes -~~ total memory freed........: 7711472 bytes -~~ total allocations/frees...: 143388/143388 +~~ total memory allocated....: 7885761 bytes +~~ total memory freed........: 7885761 bytes +~~ total allocations/frees...: 147069/147069 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 1095 chars diff --git a/test/results/default/steam_datagram_relay_ping.pcapng.out b/test/results/default/steam_datagram_relay_ping.pcapng.out index d2c1c4ac4..75adcb545 100644 --- a/test/results/default/steam_datagram_relay_ping.pcapng.out +++ b/test/results/default/steam_datagram_relay_ping.pcapng.out @@ -14,9 +14,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593818 bytes -~~ total memory freed........: 7593818 bytes -~~ total allocations/frees...: 142692/142692 +~~ total memory allocated....: 7766811 bytes +~~ total memory freed........: 7766811 bytes +~~ total allocations/frees...: 146373/146373 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 533 chars ~~ json string max len.......: 2275 chars diff --git a/test/results/default/stun.pcap.out b/test/results/default/stun.pcap.out index 42cffbfed..54559c152 100644 --- a/test/results/default/stun.pcap.out +++ b/test/results/default/stun.pcap.out @@ -60,9 +60,9 @@ ~~ total active/idle flows...: 5/5 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7611761 bytes -~~ total memory freed........: 7611761 bytes -~~ total allocations/frees...: 142925/142925 +~~ total memory allocated....: 7784850 bytes +~~ total memory freed........: 7784850 bytes +~~ total allocations/frees...: 146606/146606 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2572 chars diff --git a/test/results/default/stun_classic.pcap.out b/test/results/default/stun_classic.pcap.out index 1f2c80899..32b21a5ff 100644 --- a/test/results/default/stun_classic.pcap.out +++ b/test/results/default/stun_classic.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594398 bytes -~~ total memory freed........: 7594398 bytes -~~ total allocations/frees...: 142712/142712 +~~ total memory allocated....: 7767391 bytes +~~ total memory freed........: 7767391 bytes +~~ total allocations/frees...: 146393/146393 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 518 chars ~~ json string max len.......: 1160 chars diff --git a/test/results/default/stun_google_meet.pcapng.out b/test/results/default/stun_google_meet.pcapng.out index 8ff160c1a..1398263e5 100644 --- a/test/results/default/stun_google_meet.pcapng.out +++ b/test/results/default/stun_google_meet.pcapng.out @@ -59,9 +59,9 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7610586 bytes -~~ total memory freed........: 7610586 bytes -~~ total allocations/frees...: 142959/142959 +~~ total memory allocated....: 7783699 bytes +~~ total memory freed........: 7783699 bytes +~~ total allocations/frees...: 146640/146640 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 524 chars ~~ json string max len.......: 2361 chars diff --git a/test/results/default/stun_msteams_unidir.pcapng.out b/test/results/default/stun_msteams_unidir.pcapng.out index 08357a4b2..6c9305a87 100644 --- a/test/results/default/stun_msteams_unidir.pcapng.out +++ b/test/results/default/stun_msteams_unidir.pcapng.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7594108 bytes -~~ total memory freed........: 7594108 bytes -~~ total allocations/frees...: 142702/142702 +~~ total memory allocated....: 7767101 bytes +~~ total memory freed........: 7767101 bytes +~~ total allocations/frees...: 146383/146383 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 527 chars ~~ json string max len.......: 2180 chars diff --git a/test/results/default/stun_signal.pcapng.out b/test/results/default/stun_signal.pcapng.out index 2173597a0..77aeee88d 100644 --- a/test/results/default/stun_signal.pcapng.out +++ b/test/results/default/stun_signal.pcapng.out @@ -209,9 +209,9 @@ ~~ total active/idle flows...: 23/23 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7653960 bytes -~~ total memory freed........: 7653960 bytes -~~ total allocations/frees...: 143398/143398 +~~ total memory allocated....: 7827481 bytes +~~ total memory freed........: 7827481 bytes +~~ total allocations/frees...: 147079/147079 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 2457 chars diff --git a/test/results/default/stun_wa_call.pcapng.out b/test/results/default/stun_wa_call.pcapng.out index 2f85ab5dd..f9022511f 100644 --- a/test/results/default/stun_wa_call.pcapng.out +++ b/test/results/default/stun_wa_call.pcapng.out @@ -116,9 +116,9 @@ ~~ total active/idle flows...: 13/13 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7636387 bytes -~~ total memory freed........: 7636387 bytes -~~ total allocations/frees...: 143413/143413 +~~ total memory allocated....: 7809668 bytes +~~ total memory freed........: 7809668 bytes +~~ total allocations/frees...: 147094/147094 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 520 chars ~~ json string max len.......: 2336 chars diff --git a/test/results/default/syncthing.pcap.out b/test/results/default/syncthing.pcap.out index 371cfc469..fe3521750 100644 --- a/test/results/default/syncthing.pcap.out +++ b/test/results/default/syncthing.pcap.out @@ -46,9 +46,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7601006 bytes -~~ total memory freed........: 7601006 bytes -~~ total allocations/frees...: 142753/142753 +~~ total memory allocated....: 7774071 bytes +~~ total memory freed........: 7774071 bytes +~~ total allocations/frees...: 146434/146434 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 1177 chars diff --git a/test/results/default/synscan.pcap.out b/test/results/default/synscan.pcap.out index 44e29777b..909b1f405 100644 --- a/test/results/default/synscan.pcap.out +++ b/test/results/default/synscan.pcap.out @@ -6147,9 +6147,9 @@ 00776{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/synscan.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1278275058221211,"flow_src_last_pkt_time":1278275058221211,"flow_dst_last_pkt_time":1278275058221211,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1278275079360213,"l3_proto":"ip4","src_ip":"172.16.0.8","dst_ip":"64.13.134.52","src_port":36050,"dst_port":425,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00988{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/synscan.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1278275058345794,"flow_src_last_pkt_time":1278275058345794,"flow_dst_last_pkt_time":1278275058345794,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1278275079360213,"l3_proto":"ip4","src_ip":"172.16.0.8","dst_ip":"64.13.134.52","src_port":36051,"dst_port":425,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00776{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/synscan.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1278275058345794,"flow_src_last_pkt_time":1278275058345794,"flow_dst_last_pkt_time":1278275058345794,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1278275079360213,"l3_proto":"ip4","src_ip":"172.16.0.8","dst_ip":"64.13.134.52","src_port":36051,"dst_port":425,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00989{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/synscan.pcap","alias":"nDPId-test","flow_id":1289,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1278275060438730,"flow_src_last_pkt_time":1278275060438730,"flow_dst_last_pkt_time":1278275060438730,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1278275079360213,"l3_proto":"ip4","src_ip":"172.16.0.8","dst_ip":"64.13.134.52","src_port":36050,"dst_port":427,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01077{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/synscan.pcap","alias":"nDPId-test","flow_id":1289,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1278275060438730,"flow_src_last_pkt_time":1278275060438730,"flow_dst_last_pkt_time":1278275060438730,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1278275079360213,"l3_proto":"ip4","src_ip":"172.16.0.8","dst_ip":"64.13.134.52","src_port":36050,"dst_port":427,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"1":"Match by port"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00777{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/synscan.pcap","alias":"nDPId-test","flow_id":1289,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1278275060438730,"flow_src_last_pkt_time":1278275060438730,"flow_dst_last_pkt_time":1278275060438730,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1278275079360213,"l3_proto":"ip4","src_ip":"172.16.0.8","dst_ip":"64.13.134.52","src_port":36050,"dst_port":427,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00989{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/synscan.pcap","alias":"nDPId-test","flow_id":1361,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1278275060540927,"flow_src_last_pkt_time":1278275060540927,"flow_dst_last_pkt_time":1278275060540927,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1278275079360213,"l3_proto":"ip4","src_ip":"172.16.0.8","dst_ip":"64.13.134.52","src_port":36051,"dst_port":427,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +01077{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/synscan.pcap","alias":"nDPId-test","flow_id":1361,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1278275060540927,"flow_src_last_pkt_time":1278275060540927,"flow_dst_last_pkt_time":1278275060540927,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1278275079360213,"l3_proto":"ip4","src_ip":"172.16.0.8","dst_ip":"64.13.134.52","src_port":36051,"dst_port":427,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"1":"Match by port"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00777{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/synscan.pcap","alias":"nDPId-test","flow_id":1361,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1278275060540927,"flow_src_last_pkt_time":1278275060540927,"flow_dst_last_pkt_time":1278275060540927,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1278275079360213,"l3_proto":"ip4","src_ip":"172.16.0.8","dst_ip":"64.13.134.52","src_port":36051,"dst_port":427,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00989{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/synscan.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1278275058280907,"flow_src_last_pkt_time":1278275058280907,"flow_dst_last_pkt_time":1278275058280907,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1278275079360213,"l3_proto":"ip4","src_ip":"172.16.0.8","dst_ip":"64.13.134.52","src_port":36050,"dst_port":6580,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00777{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/synscan.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1278275058280907,"flow_src_last_pkt_time":1278275058280907,"flow_dst_last_pkt_time":1278275058280907,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1278275079360213,"l3_proto":"ip4","src_ip":"172.16.0.8","dst_ip":"64.13.134.52","src_port":36050,"dst_port":6580,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} @@ -7993,7 +7993,7 @@ 00777{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/synscan.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1278275058595442,"flow_src_last_pkt_time":1278275058595442,"flow_dst_last_pkt_time":1278275058595442,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1278275079360213,"l3_proto":"ip4","src_ip":"172.16.0.8","dst_ip":"64.13.134.52","src_port":36051,"dst_port":5431,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01067{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/synscan.pcap","alias":"nDPId-test","flow_id":1201,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1278275060335364,"flow_src_last_pkt_time":1278275060335364,"flow_dst_last_pkt_time":1278275060335364,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1278275079360213,"l3_proto":"ip4","src_ip":"172.16.0.8","dst_ip":"64.13.134.52","src_port":36051,"dst_port":5432,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"1":"Match by port"},"proto":"PostgreSQL","proto_id":"19","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":11,"category":"Database"}} 00778{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/synscan.pcap","alias":"nDPId-test","flow_id":1201,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1278275060335364,"flow_src_last_pkt_time":1278275060335364,"flow_dst_last_pkt_time":1278275060335364,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1278275079360213,"l3_proto":"ip4","src_ip":"172.16.0.8","dst_ip":"64.13.134.52","src_port":36051,"dst_port":5432,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00596{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/synscan.pcap","alias":"nDPId-test","packets-captured":2011,"packets-processed":2011,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":1872,"total-guessed-flows":122,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":1994,"total-idle-flows":1994,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":7996,"global_ts_usec":1278275079360213} +00596{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/synscan.pcap","alias":"nDPId-test","packets-captured":2011,"packets-processed":2011,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":1870,"total-guessed-flows":124,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":1994,"total-idle-flows":1994,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":7996,"global_ts_usec":1278275079360213} ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ ~~ packets captured/processed: 2011/2011 ~~ skipped flows.............: 0 @@ -8002,9 +8002,9 @@ ~~ total active/idle flows...: 1994/1994 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 11885371 bytes -~~ total memory freed........: 11885371 bytes -~~ total allocations/frees...: 166631/166631 +~~ total memory allocated....: 12106196 bytes +~~ total memory freed........: 12106196 bytes +~~ total allocations/frees...: 170312/170312 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 1216 chars diff --git a/test/results/default/syslog.pcap.out b/test/results/default/syslog.pcap.out index 005324775..08dcb4d74 100644 --- a/test/results/default/syslog.pcap.out +++ b/test/results/default/syslog.pcap.out @@ -154,9 +154,9 @@ ~~ total active/idle flows...: 19/19 ~~ total timeout flows.......: 2 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7636788 bytes -~~ total memory freed........: 7636788 bytes -~~ total allocations/frees...: 142984/142984 +~~ total memory allocated....: 7810213 bytes +~~ total memory freed........: 7810213 bytes +~~ total allocations/frees...: 146665/146665 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 285 chars ~~ json string max len.......: 2219 chars diff --git a/test/results/default/tailscale.pcap.out b/test/results/default/tailscale.pcap.out index 13587dbdd..125a45a21 100644 --- a/test/results/default/tailscale.pcap.out +++ b/test/results/default/tailscale.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596863 bytes -~~ total memory freed........: 7596863 bytes -~~ total allocations/frees...: 142797/142797 +~~ total memory allocated....: 7769856 bytes +~~ total memory freed........: 7769856 bytes +~~ total allocations/frees...: 146478/146478 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2369 chars diff --git a/test/results/default/targusdataspeed_false_positives.pcap.out b/test/results/default/targusdataspeed_false_positives.pcap.out index f685e2c70..f4a92ae0c 100644 --- a/test/results/default/targusdataspeed_false_positives.pcap.out +++ b/test/results/default/targusdataspeed_false_positives.pcap.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596056 bytes -~~ total memory freed........: 7596056 bytes -~~ total allocations/frees...: 142707/142707 +~~ total memory allocated....: 7769073 bytes +~~ total memory freed........: 7769073 bytes +~~ total allocations/frees...: 146388/146388 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 537 chars ~~ json string max len.......: 1193 chars diff --git a/test/results/default/tcp_scan.pcapng.out b/test/results/default/tcp_scan.pcapng.out index e527dbef1..55db09d5b 100644 --- a/test/results/default/tcp_scan.pcapng.out +++ b/test/results/default/tcp_scan.pcapng.out @@ -48,9 +48,9 @@ ~~ total active/idle flows...: 7/7 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7607189 bytes -~~ total memory freed........: 7607189 bytes -~~ total allocations/frees...: 142782/142782 +~~ total memory allocated....: 7780326 bytes +~~ total memory freed........: 7780326 bytes +~~ total allocations/frees...: 146463/146463 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 1182 chars diff --git a/test/results/default/teams.pcap.out b/test/results/default/teams.pcap.out index 1dbee337b..9ab4c2db8 100644 --- a/test/results/default/teams.pcap.out +++ b/test/results/default/teams.pcap.out @@ -686,9 +686,9 @@ ~~ total active/idle flows...: 83/83 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8723821 bytes -~~ total memory freed........: 8723821 bytes -~~ total allocations/frees...: 145490/145490 +~~ total memory allocated....: 8898782 bytes +~~ total memory freed........: 8898782 bytes +~~ total allocations/frees...: 149171/149171 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 295 chars ~~ json string max len.......: 2501 chars diff --git a/test/results/default/teamspeak3.pcap.out b/test/results/default/teamspeak3.pcap.out index b5eef9540..43a658cd8 100644 --- a/test/results/default/teamspeak3.pcap.out +++ b/test/results/default/teamspeak3.pcap.out @@ -266,9 +266,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7612965 bytes -~~ total memory freed........: 7612965 bytes -~~ total allocations/frees...: 143290/143290 +~~ total memory allocated....: 7785982 bytes +~~ total memory freed........: 7785982 bytes +~~ total allocations/frees...: 146971/146971 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 2227 chars diff --git a/test/results/default/teamviewer.pcap.out b/test/results/default/teamviewer.pcap.out index ab3b3d006..7c7c5419d 100644 --- a/test/results/default/teamviewer.pcap.out +++ b/test/results/default/teamviewer.pcap.out @@ -29,9 +29,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7606109 bytes -~~ total memory freed........: 7606109 bytes -~~ total allocations/frees...: 143054/143054 +~~ total memory allocated....: 7779126 bytes +~~ total memory freed........: 7779126 bytes +~~ total allocations/frees...: 146735/146735 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2389 chars diff --git a/test/results/default/telegram.pcap.out b/test/results/default/telegram.pcap.out index cf613f7c6..8d7d5ede8 100644 --- a/test/results/default/telegram.pcap.out +++ b/test/results/default/telegram.pcap.out @@ -345,9 +345,9 @@ ~~ total active/idle flows...: 48/48 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7738648 bytes -~~ total memory freed........: 7738648 bytes -~~ total allocations/frees...: 144759/144759 +~~ total memory allocated....: 7912769 bytes +~~ total memory freed........: 7912769 bytes +~~ total allocations/frees...: 148440/148440 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2354 chars diff --git a/test/results/default/telnet.pcap.out b/test/results/default/telnet.pcap.out index 3356c27b5..ca5b9920c 100644 --- a/test/results/default/telnet.pcap.out +++ b/test/results/default/telnet.pcap.out @@ -21,9 +21,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7598476 bytes -~~ total memory freed........: 7598476 bytes -~~ total allocations/frees...: 142783/142783 +~~ total memory allocated....: 7771469 bytes +~~ total memory freed........: 7771469 bytes +~~ total allocations/frees...: 146464/146464 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 1971 chars diff --git a/test/results/default/teredo.pcap.out b/test/results/default/teredo.pcap.out index 0e7bdd17b..a02fbe2e3 100644 --- a/test/results/default/teredo.pcap.out +++ b/test/results/default/teredo.pcap.out @@ -39,9 +39,9 @@ ~~ total active/idle flows...: 5/5 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7602952 bytes -~~ total memory freed........: 7602952 bytes -~~ total allocations/frees...: 142758/142758 +~~ total memory allocated....: 7776041 bytes +~~ total memory freed........: 7776041 bytes +~~ total allocations/frees...: 146439/146439 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 1103 chars diff --git a/test/results/default/tftp.pcap.out b/test/results/default/tftp.pcap.out index ca52be74a..7e180e7e3 100644 --- a/test/results/default/tftp.pcap.out +++ b/test/results/default/tftp.pcap.out @@ -47,9 +47,9 @@ ~~ total active/idle flows...: 7/7 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7609725 bytes -~~ total memory freed........: 7609725 bytes -~~ total allocations/frees...: 142865/142865 +~~ total memory allocated....: 7782862 bytes +~~ total memory freed........: 7782862 bytes +~~ total allocations/frees...: 146546/146546 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2179 chars diff --git a/test/results/default/threema.pcap.out b/test/results/default/threema.pcap.out index da20ec2f2..1687a7a36 100644 --- a/test/results/default/threema.pcap.out +++ b/test/results/default/threema.pcap.out @@ -45,11 +45,11 @@ 00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":73,"source":"cfgs\/default\/pcap\/threema.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":3,"flow_src_last_pkt_time":1655307958999000,"flow_dst_last_pkt_time":1655307958996000,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1655307958999000,"pkt":"eJS0JASgYDjgxTWgCABFAAA00XdAAD8GAXnAqAJkuVjsbsasFGYhOI\/na\/hQtoAQAVfxOwAAAQEICgAWXpf8lXcy"} 00609{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":74,"source":"cfgs\/default\/pcap\/threema.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":4,"flow_src_last_pkt_time":1655307959000000,"flow_dst_last_pkt_time":1655307958996000,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":114,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":114,"pkt_l4_len":80,"thread_ts_usec":1655307959000000,"pkt":"eJS0JASgYDjgxTWgCABFAABk0XhAAD8GAUjAqAJkuVjsbsasFGYhOI\/na\/hQtoAYAVfaLQAAAQEICgAWXpj8lXcy6kbgjIUXtJZSP3ef08ne4gfPXDsNYJbMITHre1+57RmQAWGFzTHqooyrlluUBtOm"} 00654{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":75,"source":"cfgs\/default\/pcap\/threema.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":5,"flow_src_last_pkt_time":1655307959000000,"flow_dst_last_pkt_time":1655307959025000,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":146,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":146,"pkt_l4_len":112,"thread_ts_usec":1655307959025000,"pkt":"YDjgxTWgeJS0JASgCABFAACEAABAADgG2aC5WOxuwKgCZBRmxqxr+FC2ITiQF4AYBBQivQAAAQEICvyVd0YAFl6YVUfIE5eZRpcII3s\/f2T4AZkUSyc1PgmBoVN43+fqJhU7PuZ8DIIm9QKIr7boopM1nlfZX+jEo9V5p9DzSRNu5B+I+Nk\/FdAv5atz7nfwBkE="} -00935{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/threema.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":5,"flow_first_seen":1655306704436000,"flow_src_last_pkt_time":1655306777863000,"flow_dst_last_pkt_time":1655306777860000,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":191,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":239,"flow_dst_tot_l4_payload_len":134,"midstream":0,"thread_ts_usec":1655307959100000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50718,"dst_port":5222,"l4_proto":"tcp","ndpi": {"confidence": {"7":"Match by IP"},"proto":"Threema","proto_id":"305","proto_by_ip":"Threema","proto_by_ip_id":305,"encrypted":1,"breed":"Fun","category_id":9,"category":"Chat"}} +01062{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/threema.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":5,"flow_first_seen":1655306704436000,"flow_src_last_pkt_time":1655306777863000,"flow_dst_last_pkt_time":1655306777860000,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":191,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":239,"flow_dst_tot_l4_payload_len":134,"midstream":0,"thread_ts_usec":1655307959100000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50718,"dst_port":5222,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"confidence": {"7":"Match by IP"},"proto":"Threema","proto_id":"305","proto_by_ip":"Threema","proto_by_ip_id":305,"encrypted":1,"breed":"Fun","category_id":9,"category":"Chat"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/threema.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":5,"flow_first_seen":1655306704436000,"flow_src_last_pkt_time":1655306777863000,"flow_dst_last_pkt_time":1655306777860000,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":191,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":239,"flow_dst_tot_l4_payload_len":134,"midstream":0,"thread_ts_usec":1655307959100000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50718,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00969{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":83,"source":"cfgs\/default\/pcap\/threema.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":10,"flow_dst_packets_processed":5,"flow_first_seen":1655301424082000,"flow_src_last_pkt_time":1655301470813000,"flow_dst_last_pkt_time":1655301470800000,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":444,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":1357,"flow_dst_tot_l4_payload_len":210,"midstream":0,"thread_ts_usec":1655308018973000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50298,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Threema","proto_id":"305","proto_by_ip":"Threema","proto_by_ip_id":305,"encrypted":1,"breed":"Fun","category_id":9,"category":"Chat"}} 00969{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":83,"source":"cfgs\/default\/pcap\/threema.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":6,"flow_first_seen":1655301591783000,"flow_src_last_pkt_time":1655301621987000,"flow_dst_last_pkt_time":1655301622013000,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":735,"flow_dst_max_l4_payload_len":468,"flow_src_tot_l4_payload_len":1396,"flow_dst_tot_l4_payload_len":662,"midstream":0,"thread_ts_usec":1655308018973000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50484,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Threema","proto_id":"305","proto_by_ip":"Threema","proto_by_ip_id":305,"encrypted":1,"breed":"Fun","category_id":9,"category":"Chat"}} -00935{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":83,"source":"cfgs\/default\/pcap\/threema.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":5,"flow_first_seen":1655307958972000,"flow_src_last_pkt_time":1655308018973000,"flow_dst_last_pkt_time":1655308018969000,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":191,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":239,"flow_dst_tot_l4_payload_len":134,"midstream":0,"thread_ts_usec":1655308018973000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50860,"dst_port":5222,"l4_proto":"tcp","ndpi": {"confidence": {"7":"Match by IP"},"proto":"Threema","proto_id":"305","proto_by_ip":"Threema","proto_by_ip_id":305,"encrypted":1,"breed":"Fun","category_id":9,"category":"Chat"}} +01062{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":83,"source":"cfgs\/default\/pcap\/threema.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":5,"flow_first_seen":1655307958972000,"flow_src_last_pkt_time":1655308018973000,"flow_dst_last_pkt_time":1655308018969000,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":191,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":239,"flow_dst_tot_l4_payload_len":134,"midstream":0,"thread_ts_usec":1655308018973000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50860,"dst_port":5222,"l4_proto":"tcp","ndpi": {"flow_risk": {"51": {"risk":"Fully encrypted flow","severity":"Medium","risk_score": {"total":360,"client":240,"server":120}}},"confidence": {"7":"Match by IP"},"proto":"Threema","proto_id":"305","proto_by_ip":"Threema","proto_by_ip_id":305,"encrypted":1,"breed":"Fun","category_id":9,"category":"Chat"}} 00784{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":83,"source":"cfgs\/default\/pcap\/threema.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":5,"flow_first_seen":1655307958972000,"flow_src_last_pkt_time":1655308018973000,"flow_dst_last_pkt_time":1655308018969000,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":191,"flow_dst_max_l4_payload_len":80,"flow_src_tot_l4_payload_len":239,"flow_dst_tot_l4_payload_len":134,"midstream":0,"thread_ts_usec":1655308018973000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50860,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00580{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":83,"source":"cfgs\/default\/pcap\/threema.pcap","alias":"nDPId-test","packets-captured":83,"packets-processed":83,"total-skipped-flows":0,"total-l4-payload-len":6004,"total-not-detected-flows":0,"total-guessed-flows":2,"total-detected-flows":4,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":6,"total-idle-flows":6,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":54,"global_ts_usec":1655308018973000} ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ @@ -60,10 +60,10 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7619075 bytes -~~ total memory freed........: 7619075 bytes -~~ total allocations/frees...: 142834/142834 +~~ total memory allocated....: 7792188 bytes +~~ total memory freed........: 7792188 bytes +~~ total allocations/frees...: 146515/146515 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars -~~ json string max len.......: 974 chars -~~ json string avg len.......: 742 chars +~~ json string max len.......: 1067 chars +~~ json string avg len.......: 789 chars diff --git a/test/results/default/thrift.pcap.out b/test/results/default/thrift.pcap.out index fd2574140..a75606244 100644 --- a/test/results/default/thrift.pcap.out +++ b/test/results/default/thrift.pcap.out @@ -24,9 +24,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7602920 bytes -~~ total memory freed........: 7602920 bytes -~~ total allocations/frees...: 142874/142874 +~~ total memory allocated....: 7775937 bytes +~~ total memory freed........: 7775937 bytes +~~ total allocations/frees...: 146555/146555 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 7061 chars diff --git a/test/results/default/tinc.pcap.out b/test/results/default/tinc.pcap.out index bb4ba565d..aa7d99210 100644 --- a/test/results/default/tinc.pcap.out +++ b/test/results/default/tinc.pcap.out @@ -43,9 +43,9 @@ ~~ total active/idle flows...: 4/4 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7613649 bytes -~~ total memory freed........: 7613649 bytes -~~ total allocations/frees...: 143050/143050 +~~ total memory allocated....: 7786714 bytes +~~ total memory freed........: 7786714 bytes +~~ total allocations/frees...: 146731/146731 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2481 chars diff --git a/test/results/default/tk.pcap.out b/test/results/default/tk.pcap.out index a872a763f..caeca60d0 100644 --- a/test/results/default/tk.pcap.out +++ b/test/results/default/tk.pcap.out @@ -27,9 +27,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7598182 bytes -~~ total memory freed........: 7598182 bytes -~~ total allocations/frees...: 142718/142718 +~~ total memory allocated....: 7771223 bytes +~~ total memory freed........: 7771223 bytes +~~ total allocations/frees...: 146399/146399 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 508 chars ~~ json string max len.......: 1177 chars diff --git a/test/results/default/tls-appdata.pcap.out b/test/results/default/tls-appdata.pcap.out index e153c1b52..7cd7d3e31 100644 --- a/test/results/default/tls-appdata.pcap.out +++ b/test/results/default/tls-appdata.pcap.out @@ -31,9 +31,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7640287 bytes -~~ total memory freed........: 7640287 bytes -~~ total allocations/frees...: 142828/142828 +~~ total memory allocated....: 7813304 bytes +~~ total memory freed........: 7813304 bytes +~~ total allocations/frees...: 146509/146509 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 517 chars ~~ json string max len.......: 4468 chars diff --git a/test/results/default/tls-esni-fuzzed.pcap.out b/test/results/default/tls-esni-fuzzed.pcap.out index f90fe62ca..1289f6513 100644 --- a/test/results/default/tls-esni-fuzzed.pcap.out +++ b/test/results/default/tls-esni-fuzzed.pcap.out @@ -21,9 +21,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7605535 bytes -~~ total memory freed........: 7605535 bytes -~~ total allocations/frees...: 142726/142726 +~~ total memory allocated....: 7778576 bytes +~~ total memory freed........: 7778576 bytes +~~ total allocations/frees...: 146407/146407 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 521 chars ~~ json string max len.......: 1509 chars diff --git a/test/results/default/tls-rdn-extract.pcap.out b/test/results/default/tls-rdn-extract.pcap.out index e9ca61e60..9d3f4bdd0 100644 --- a/test/results/default/tls-rdn-extract.pcap.out +++ b/test/results/default/tls-rdn-extract.pcap.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7637735 bytes -~~ total memory freed........: 7637735 bytes -~~ total allocations/frees...: 142749/142749 +~~ total memory allocated....: 7810728 bytes +~~ total memory freed........: 7810728 bytes +~~ total allocations/frees...: 146430/146430 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 521 chars ~~ json string max len.......: 3599 chars diff --git a/test/results/default/tls_2_reasms.pcapng.out b/test/results/default/tls_2_reasms.pcapng.out index 906f7aac6..aa3834583 100644 --- a/test/results/default/tls_2_reasms.pcapng.out +++ b/test/results/default/tls_2_reasms.pcapng.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7598303 bytes -~~ total memory freed........: 7598303 bytes -~~ total allocations/frees...: 142708/142708 +~~ total memory allocated....: 7771296 bytes +~~ total memory freed........: 7771296 bytes +~~ total allocations/frees...: 146389/146389 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 520 chars ~~ json string max len.......: 2386 chars diff --git a/test/results/default/tls_2_reasms_b.pcapng.out b/test/results/default/tls_2_reasms_b.pcapng.out index 135368b91..722e36948 100644 --- a/test/results/default/tls_2_reasms_b.pcapng.out +++ b/test/results/default/tls_2_reasms_b.pcapng.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7634725 bytes -~~ total memory freed........: 7634725 bytes -~~ total allocations/frees...: 142715/142715 +~~ total memory allocated....: 7807718 bytes +~~ total memory freed........: 7807718 bytes +~~ total allocations/frees...: 146396/146396 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 522 chars ~~ json string max len.......: 2393 chars diff --git a/test/results/default/tls_alert.pcap.out b/test/results/default/tls_alert.pcap.out index 657c5eecc..3a001816a 100644 --- a/test/results/default/tls_alert.pcap.out +++ b/test/results/default/tls_alert.pcap.out @@ -26,9 +26,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7602602 bytes -~~ total memory freed........: 7602602 bytes -~~ total allocations/frees...: 142724/142724 +~~ total memory allocated....: 7775619 bytes +~~ total memory freed........: 7775619 bytes +~~ total allocations/frees...: 146405/146405 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 1320 chars diff --git a/test/results/default/tls_certificate_too_long.pcap.out b/test/results/default/tls_certificate_too_long.pcap.out index a35448497..992c1d921 100644 --- a/test/results/default/tls_certificate_too_long.pcap.out +++ b/test/results/default/tls_certificate_too_long.pcap.out @@ -256,9 +256,9 @@ ~~ total active/idle flows...: 35/35 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7794729 bytes -~~ total memory freed........: 7794729 bytes -~~ total allocations/frees...: 143518/143518 +~~ total memory allocated....: 7968538 bytes +~~ total memory freed........: 7968538 bytes +~~ total allocations/frees...: 147199/147199 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 530 chars ~~ json string max len.......: 2529 chars diff --git a/test/results/default/tls_cipher_lens.pcap.out b/test/results/default/tls_cipher_lens.pcap.out index 25c04205f..0014eab53 100644 --- a/test/results/default/tls_cipher_lens.pcap.out +++ b/test/results/default/tls_cipher_lens.pcap.out @@ -29,9 +29,9 @@ ~~ total active/idle flows...: 5/5 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7612671 bytes -~~ total memory freed........: 7612671 bytes -~~ total allocations/frees...: 142749/142749 +~~ total memory allocated....: 7785760 bytes +~~ total memory freed........: 7785760 bytes +~~ total allocations/frees...: 146430/146430 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 521 chars ~~ json string max len.......: 1348 chars diff --git a/test/results/default/tls_client_certificate_with_missing_server_one.pcapng.out b/test/results/default/tls_client_certificate_with_missing_server_one.pcapng.out index 601d7eec3..dbc40cb07 100644 --- a/test/results/default/tls_client_certificate_with_missing_server_one.pcapng.out +++ b/test/results/default/tls_client_certificate_with_missing_server_one.pcapng.out @@ -26,9 +26,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7602582 bytes -~~ total memory freed........: 7602582 bytes -~~ total allocations/frees...: 142725/142725 +~~ total memory allocated....: 7775599 bytes +~~ total memory freed........: 7775599 bytes +~~ total allocations/frees...: 146406/146406 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 554 chars ~~ json string max len.......: 2545 chars diff --git a/test/results/default/tls_ech.pcapng.out b/test/results/default/tls_ech.pcapng.out index 0a8d3e4d8..e12784c3d 100644 --- a/test/results/default/tls_ech.pcapng.out +++ b/test/results/default/tls_ech.pcapng.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7600356 bytes -~~ total memory freed........: 7600356 bytes -~~ total allocations/frees...: 142705/142705 +~~ total memory allocated....: 7773349 bytes +~~ total memory freed........: 7773349 bytes +~~ total allocations/frees...: 146386/146386 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 1368 chars diff --git a/test/results/default/tls_esni_sni_both.pcap.out b/test/results/default/tls_esni_sni_both.pcap.out index 32638c6cd..249ad69c7 100644 --- a/test/results/default/tls_esni_sni_both.pcap.out +++ b/test/results/default/tls_esni_sni_both.pcap.out @@ -27,9 +27,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7619636 bytes -~~ total memory freed........: 7619636 bytes -~~ total allocations/frees...: 142755/142755 +~~ total memory allocated....: 7792653 bytes +~~ total memory freed........: 7792653 bytes +~~ total allocations/frees...: 146436/146436 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 523 chars ~~ json string max len.......: 1465 chars diff --git a/test/results/default/tls_false_positives.pcapng.out b/test/results/default/tls_false_positives.pcapng.out index 13267d148..42bb36b2d 100644 --- a/test/results/default/tls_false_positives.pcapng.out +++ b/test/results/default/tls_false_positives.pcapng.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596678 bytes -~~ total memory freed........: 7596678 bytes -~~ total allocations/frees...: 142721/142721 +~~ total memory allocated....: 7769671 bytes +~~ total memory freed........: 7769671 bytes +~~ total allocations/frees...: 146402/146402 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 527 chars ~~ json string max len.......: 2419 chars diff --git a/test/results/default/tls_invalid_reads.pcap.out b/test/results/default/tls_invalid_reads.pcap.out index 3233b270c..22d3a72fb 100644 --- a/test/results/default/tls_invalid_reads.pcap.out +++ b/test/results/default/tls_invalid_reads.pcap.out @@ -31,9 +31,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7602295 bytes -~~ total memory freed........: 7602295 bytes -~~ total allocations/frees...: 142714/142714 +~~ total memory allocated....: 7775312 bytes +~~ total memory freed........: 7775312 bytes +~~ total allocations/frees...: 146395/146395 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 311 chars ~~ json string max len.......: 1220 chars diff --git a/test/results/default/tls_long_cert.pcap.out b/test/results/default/tls_long_cert.pcap.out index 27c00ea2e..202d2fe1c 100644 --- a/test/results/default/tls_long_cert.pcap.out +++ b/test/results/default/tls_long_cert.pcap.out @@ -20,9 +20,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7641927 bytes -~~ total memory freed........: 7641927 bytes -~~ total allocations/frees...: 142936/142936 +~~ total memory allocated....: 7814920 bytes +~~ total memory freed........: 7814920 bytes +~~ total allocations/frees...: 146617/146617 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 2738 chars diff --git a/test/results/default/tls_missing_ch_frag.pcap.out b/test/results/default/tls_missing_ch_frag.pcap.out index ae493eccd..f88a5fe64 100644 --- a/test/results/default/tls_missing_ch_frag.pcap.out +++ b/test/results/default/tls_missing_ch_frag.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7606007 bytes -~~ total memory freed........: 7606007 bytes -~~ total allocations/frees...: 142708/142708 +~~ total memory allocated....: 7779000 bytes +~~ total memory freed........: 7779000 bytes +~~ total allocations/frees...: 146389/146389 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 525 chars ~~ json string max len.......: 2446 chars diff --git a/test/results/default/tls_multiple_synack_different_seq.pcapng.out b/test/results/default/tls_multiple_synack_different_seq.pcapng.out index 3db470e18..d577596ac 100644 --- a/test/results/default/tls_multiple_synack_different_seq.pcapng.out +++ b/test/results/default/tls_multiple_synack_different_seq.pcapng.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7613818 bytes -~~ total memory freed........: 7613818 bytes -~~ total allocations/frees...: 142723/142723 +~~ total memory allocated....: 7786811 bytes +~~ total memory freed........: 7786811 bytes +~~ total allocations/frees...: 146404/146404 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 541 chars ~~ json string max len.......: 2013 chars diff --git a/test/results/default/tls_port_80.pcapng.out b/test/results/default/tls_port_80.pcapng.out index f357fdca9..64c127d90 100644 --- a/test/results/default/tls_port_80.pcapng.out +++ b/test/results/default/tls_port_80.pcapng.out @@ -18,9 +18,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7598346 bytes -~~ total memory freed........: 7598346 bytes -~~ total allocations/frees...: 142710/142710 +~~ total memory allocated....: 7771339 bytes +~~ total memory freed........: 7771339 bytes +~~ total allocations/frees...: 146391/146391 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 1499 chars diff --git a/test/results/default/tls_torrent.pcapng.out b/test/results/default/tls_torrent.pcapng.out index e11bccbdd..e821d2078 100644 --- a/test/results/default/tls_torrent.pcapng.out +++ b/test/results/default/tls_torrent.pcapng.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7610545 bytes -~~ total memory freed........: 7610545 bytes -~~ total allocations/frees...: 142707/142707 +~~ total memory allocated....: 7783538 bytes +~~ total memory freed........: 7783538 bytes +~~ total allocations/frees...: 146388/146388 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 2426 chars diff --git a/test/results/default/tls_unidirectional.pcap.out b/test/results/default/tls_unidirectional.pcap.out index e5cbdbb21..9394ed531 100644 --- a/test/results/default/tls_unidirectional.pcap.out +++ b/test/results/default/tls_unidirectional.pcap.out @@ -27,9 +27,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7770711 bytes -~~ total memory freed........: 7770711 bytes -~~ total allocations/frees...: 142875/142875 +~~ total memory allocated....: 7943728 bytes +~~ total memory freed........: 7943728 bytes +~~ total allocations/frees...: 146556/146556 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 524 chars ~~ json string max len.......: 3812 chars diff --git a/test/results/default/tls_verylong_certificate.pcap.out b/test/results/default/tls_verylong_certificate.pcap.out index cbb58ab4e..ca74809b8 100644 --- a/test/results/default/tls_verylong_certificate.pcap.out +++ b/test/results/default/tls_verylong_certificate.pcap.out @@ -21,9 +21,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7769488 bytes -~~ total memory freed........: 7769488 bytes -~~ total allocations/frees...: 142877/142877 +~~ total memory allocated....: 7942481 bytes +~~ total memory freed........: 7942481 bytes +~~ total allocations/frees...: 146558/146558 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 530 chars ~~ json string max len.......: 3917 chars diff --git a/test/results/default/toca-boca.pcap.out b/test/results/default/toca-boca.pcap.out index 9cd7d0d86..3a22e6d98 100644 --- a/test/results/default/toca-boca.pcap.out +++ b/test/results/default/toca-boca.pcap.out @@ -124,9 +124,9 @@ ~~ total active/idle flows...: 21/21 ~~ total timeout flows.......: 3 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7638473 bytes -~~ total memory freed........: 7638473 bytes -~~ total allocations/frees...: 142987/142987 +~~ total memory allocated....: 7811946 bytes +~~ total memory freed........: 7811946 bytes +~~ total allocations/frees...: 146668/146668 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 2176 chars diff --git a/test/results/default/tor.pcap.out b/test/results/default/tor.pcap.out index 5f4db6eb1..50b7305c8 100644 --- a/test/results/default/tor.pcap.out +++ b/test/results/default/tor.pcap.out @@ -172,9 +172,9 @@ ~~ total active/idle flows...: 11/11 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7654323 bytes -~~ total memory freed........: 7654323 bytes -~~ total allocations/frees...: 143187/143187 +~~ total memory allocated....: 7827556 bytes +~~ total memory freed........: 7827556 bytes +~~ total allocations/frees...: 146868/146868 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 293 chars ~~ json string max len.......: 2678 chars diff --git a/test/results/default/tplink_shp.pcap.out b/test/results/default/tplink_shp.pcap.out index f63b48b59..971c41926 100644 --- a/test/results/default/tplink_shp.pcap.out +++ b/test/results/default/tplink_shp.pcap.out @@ -320,9 +320,9 @@ ~~ total active/idle flows...: 8/8 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7615683 bytes -~~ total memory freed........: 7615683 bytes -~~ total allocations/frees...: 143010/143010 +~~ total memory allocated....: 7788844 bytes +~~ total memory freed........: 7788844 bytes +~~ total allocations/frees...: 146691/146691 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 2290 chars diff --git a/test/results/default/trickbot.pcap.out b/test/results/default/trickbot.pcap.out index cd5927a9f..b9ce874d2 100644 --- a/test/results/default/trickbot.pcap.out +++ b/test/results/default/trickbot.pcap.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596147 bytes -~~ total memory freed........: 7596147 bytes -~~ total allocations/frees...: 142772/142772 +~~ total memory allocated....: 7769140 bytes +~~ total memory freed........: 7769140 bytes +~~ total allocations/frees...: 146453/146453 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2535 chars diff --git a/test/results/default/tumblr.pcap.out b/test/results/default/tumblr.pcap.out index a2ec5a066..fff3d08fa 100644 --- a/test/results/default/tumblr.pcap.out +++ b/test/results/default/tumblr.pcap.out @@ -324,9 +324,9 @@ ~~ total active/idle flows...: 47/47 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8240826 bytes -~~ total memory freed........: 8240826 bytes -~~ total allocations/frees...: 144077/144077 +~~ total memory allocated....: 8414923 bytes +~~ total memory freed........: 8414923 bytes +~~ total allocations/frees...: 147758/147758 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2269 chars diff --git a/test/results/default/tunnelbear.pcap.out b/test/results/default/tunnelbear.pcap.out index b5fdb9174..b402b31b9 100644 --- a/test/results/default/tunnelbear.pcap.out +++ b/test/results/default/tunnelbear.pcap.out @@ -199,9 +199,9 @@ ~~ total active/idle flows...: 21/21 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7769575 bytes -~~ total memory freed........: 7769575 bytes -~~ total allocations/frees...: 143452/143452 +~~ total memory allocated....: 7943048 bytes +~~ total memory freed........: 7943048 bytes +~~ total allocations/frees...: 147133/147133 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 2185 chars diff --git a/test/results/default/tuya_lp.pcap.out b/test/results/default/tuya_lp.pcap.out index 5ea0a763c..4f1351977 100644 --- a/test/results/default/tuya_lp.pcap.out +++ b/test/results/default/tuya_lp.pcap.out @@ -113,9 +113,9 @@ ~~ total active/idle flows...: 13/13 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7621726 bytes -~~ total memory freed........: 7621726 bytes -~~ total allocations/frees...: 142907/142907 +~~ total memory allocated....: 7795007 bytes +~~ total memory freed........: 7795007 bytes +~~ total allocations/frees...: 146588/146588 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 985 chars diff --git a/test/results/default/ubntac2.pcap.out b/test/results/default/ubntac2.pcap.out index 33a7767da..ba6c0fbb8 100644 --- a/test/results/default/ubntac2.pcap.out +++ b/test/results/default/ubntac2.pcap.out @@ -43,9 +43,9 @@ ~~ total active/idle flows...: 8/8 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7608636 bytes -~~ total memory freed........: 7608636 bytes -~~ total allocations/frees...: 142767/142767 +~~ total memory allocated....: 7781797 bytes +~~ total memory freed........: 7781797 bytes +~~ total allocations/frees...: 146448/146448 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 989 chars diff --git a/test/results/default/ultrasurf.pcap.out b/test/results/default/ultrasurf.pcap.out index adc778931..8591138cb 100644 --- a/test/results/default/ultrasurf.pcap.out +++ b/test/results/default/ultrasurf.pcap.out @@ -38,9 +38,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7632616 bytes -~~ total memory freed........: 7632616 bytes -~~ total allocations/frees...: 143059/143059 +~~ total memory allocated....: 7805657 bytes +~~ total memory freed........: 7805657 bytes +~~ total allocations/frees...: 146740/146740 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 4049 chars diff --git a/test/results/default/upnp.pcap.out b/test/results/default/upnp.pcap.out index 96a449a4a..00602e30f 100644 --- a/test/results/default/upnp.pcap.out +++ b/test/results/default/upnp.pcap.out @@ -25,9 +25,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596234 bytes -~~ total memory freed........: 7596234 bytes -~~ total allocations/frees...: 142713/142713 +~~ total memory allocated....: 7769251 bytes +~~ total memory freed........: 7769251 bytes +~~ total allocations/frees...: 146394/146394 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 1419 chars diff --git a/test/results/default/viber.pcap.out b/test/results/default/viber.pcap.out index 0bfeed9fd..080122219 100644 --- a/test/results/default/viber.pcap.out +++ b/test/results/default/viber.pcap.out @@ -229,9 +229,9 @@ ~~ total active/idle flows...: 29/29 ~~ total timeout flows.......: 4 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7826176 bytes -~~ total memory freed........: 7826176 bytes -~~ total allocations/frees...: 143504/143504 +~~ total memory allocated....: 7999841 bytes +~~ total memory freed........: 7999841 bytes +~~ total allocations/frees...: 147185/147185 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 2483 chars diff --git a/test/results/default/vk.pcapng.out b/test/results/default/vk.pcapng.out index 2dcf8721e..35b1ec4d9 100644 --- a/test/results/default/vk.pcapng.out +++ b/test/results/default/vk.pcapng.out @@ -86,9 +86,9 @@ ~~ total active/idle flows...: 10/10 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7659829 bytes -~~ total memory freed........: 7659829 bytes -~~ total allocations/frees...: 143716/143716 +~~ total memory allocated....: 7833038 bytes +~~ total memory freed........: 7833038 bytes +~~ total allocations/frees...: 147397/147397 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 1979 chars diff --git a/test/results/default/vnc.pcap.out b/test/results/default/vnc.pcap.out index aff529f24..1310bf83a 100644 --- a/test/results/default/vnc.pcap.out +++ b/test/results/default/vnc.pcap.out @@ -27,9 +27,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7731979 bytes -~~ total memory freed........: 7731979 bytes -~~ total allocations/frees...: 147256/147256 +~~ total memory allocated....: 7904996 bytes +~~ total memory freed........: 7904996 bytes +~~ total allocations/frees...: 150937/150937 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 2389 chars diff --git a/test/results/default/vrrp3.pcapng.out b/test/results/default/vrrp3.pcapng.out index 4f102eb5a..ad9a03df6 100644 --- a/test/results/default/vrrp3.pcapng.out +++ b/test/results/default/vrrp3.pcapng.out @@ -21,9 +21,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596118 bytes -~~ total memory freed........: 7596118 bytes -~~ total allocations/frees...: 142709/142709 +~~ total memory allocated....: 7769135 bytes +~~ total memory freed........: 7769135 bytes +~~ total allocations/frees...: 146390/146390 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 926 chars diff --git a/test/results/default/vxlan.pcap.out b/test/results/default/vxlan.pcap.out index ef0eefa2c..8b71171aa 100644 --- a/test/results/default/vxlan.pcap.out +++ b/test/results/default/vxlan.pcap.out @@ -69,9 +69,9 @@ ~~ total active/idle flows...: 9/9 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7614435 bytes -~~ total memory freed........: 7614435 bytes -~~ total allocations/frees...: 142905/142905 +~~ total memory allocated....: 7787620 bytes +~~ total memory freed........: 7787620 bytes +~~ total allocations/frees...: 146586/146586 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 2500 chars diff --git a/test/results/default/wa_video.pcap.out b/test/results/default/wa_video.pcap.out index 87d47863e..e779fcc16 100644 --- a/test/results/default/wa_video.pcap.out +++ b/test/results/default/wa_video.pcap.out @@ -104,9 +104,9 @@ ~~ total active/idle flows...: 14/14 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7645901 bytes -~~ total memory freed........: 7645901 bytes -~~ total allocations/frees...: 143609/143609 +~~ total memory allocated....: 7819206 bytes +~~ total memory freed........: 7819206 bytes +~~ total allocations/frees...: 147290/147290 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2461 chars diff --git a/test/results/default/wa_voice.pcap.out b/test/results/default/wa_voice.pcap.out index 0c5689a64..01584618b 100644 --- a/test/results/default/wa_voice.pcap.out +++ b/test/results/default/wa_voice.pcap.out @@ -213,9 +213,9 @@ ~~ total active/idle flows...: 28/28 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7686602 bytes -~~ total memory freed........: 7686602 bytes -~~ total allocations/frees...: 143722/143722 +~~ total memory allocated....: 7860243 bytes +~~ total memory freed........: 7860243 bytes +~~ total allocations/frees...: 147403/147403 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2501 chars diff --git a/test/results/default/waze.pcap.out b/test/results/default/waze.pcap.out index c4a3065d1..166649280 100644 --- a/test/results/default/waze.pcap.out +++ b/test/results/default/waze.pcap.out @@ -290,9 +290,9 @@ ~~ total active/idle flows...: 33/33 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7971471 bytes -~~ total memory freed........: 7971471 bytes -~~ total allocations/frees...: 143784/143784 +~~ total memory allocated....: 8145232 bytes +~~ total memory freed........: 8145232 bytes +~~ total allocations/frees...: 147465/147465 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 510 chars ~~ json string max len.......: 2461 chars diff --git a/test/results/default/webex.pcap.out b/test/results/default/webex.pcap.out index 99e5def71..db410a796 100644 --- a/test/results/default/webex.pcap.out +++ b/test/results/default/webex.pcap.out @@ -505,9 +505,9 @@ ~~ total active/idle flows...: 57/57 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8122786 bytes -~~ total memory freed........: 8122786 bytes -~~ total allocations/frees...: 144760/144760 +~~ total memory allocated....: 8297123 bytes +~~ total memory freed........: 8297123 bytes +~~ total allocations/frees...: 148441/148441 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 2462 chars diff --git a/test/results/default/websocket.pcap.out b/test/results/default/websocket.pcap.out index 3991e29c1..6c78fd249 100644 --- a/test/results/default/websocket.pcap.out +++ b/test/results/default/websocket.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7595953 bytes -~~ total memory freed........: 7595953 bytes -~~ total allocations/frees...: 142696/142696 +~~ total memory allocated....: 7768946 bytes +~~ total memory freed........: 7768946 bytes +~~ total allocations/frees...: 146377/146377 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 1103 chars diff --git a/test/results/default/wechat.pcap.out b/test/results/default/wechat.pcap.out index 9d1ffd370..509b7d6c1 100644 --- a/test/results/default/wechat.pcap.out +++ b/test/results/default/wechat.pcap.out @@ -891,9 +891,9 @@ ~~ total active/idle flows...: 109/109 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8329411 bytes -~~ total memory freed........: 8329411 bytes -~~ total allocations/frees...: 146169/146169 +~~ total memory allocated....: 8504996 bytes +~~ total memory freed........: 8504996 bytes +~~ total allocations/frees...: 149850/149850 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 2351 chars diff --git a/test/results/default/weibo.pcap.out b/test/results/default/weibo.pcap.out index 52e117030..dae142064 100644 --- a/test/results/default/weibo.pcap.out +++ b/test/results/default/weibo.pcap.out @@ -273,9 +273,9 @@ ~~ total active/idle flows...: 44/44 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7703864 bytes -~~ total memory freed........: 7703864 bytes -~~ total allocations/frees...: 143725/143725 +~~ total memory allocated....: 7877889 bytes +~~ total memory freed........: 7877889 bytes +~~ total allocations/frees...: 147406/147406 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 2222 chars diff --git a/test/results/default/whatsapp.pcap.out b/test/results/default/whatsapp.pcap.out index 3c55cea71..7abb3457b 100644 --- a/test/results/default/whatsapp.pcap.out +++ b/test/results/default/whatsapp.pcap.out @@ -757,9 +757,9 @@ ~~ total active/idle flows...: 86/86 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7970119 bytes -~~ total memory freed........: 7970119 bytes -~~ total allocations/frees...: 144390/144390 +~~ total memory allocated....: 8145152 bytes +~~ total memory freed........: 8145152 bytes +~~ total allocations/frees...: 148071/148071 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2263 chars diff --git a/test/results/default/whatsapp_login_call.pcap.out b/test/results/default/whatsapp_login_call.pcap.out index 62b4243f3..494b405d2 100644 --- a/test/results/default/whatsapp_login_call.pcap.out +++ b/test/results/default/whatsapp_login_call.pcap.out @@ -467,9 +467,9 @@ ~~ total active/idle flows...: 57/57 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7783693 bytes -~~ total memory freed........: 7783693 bytes -~~ total allocations/frees...: 144572/144572 +~~ total memory allocated....: 7958030 bytes +~~ total memory freed........: 7958030 bytes +~~ total allocations/frees...: 148253/148253 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 525 chars ~~ json string max len.......: 2513 chars diff --git a/test/results/default/whatsapp_login_chat.pcap.out b/test/results/default/whatsapp_login_chat.pcap.out index 7c859d13e..5dcc9f016 100644 --- a/test/results/default/whatsapp_login_chat.pcap.out +++ b/test/results/default/whatsapp_login_chat.pcap.out @@ -65,9 +65,9 @@ ~~ total active/idle flows...: 9/9 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7621501 bytes -~~ total memory freed........: 7621501 bytes -~~ total allocations/frees...: 142870/142870 +~~ total memory allocated....: 7794686 bytes +~~ total memory freed........: 7794686 bytes +~~ total allocations/frees...: 146551/146551 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 525 chars ~~ json string max len.......: 2496 chars diff --git a/test/results/default/whatsapp_voice_and_message.pcap.out b/test/results/default/whatsapp_voice_and_message.pcap.out index 2f6b17445..c096f09cb 100644 --- a/test/results/default/whatsapp_voice_and_message.pcap.out +++ b/test/results/default/whatsapp_voice_and_message.pcap.out @@ -132,9 +132,9 @@ ~~ total active/idle flows...: 13/13 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7637057 bytes -~~ total memory freed........: 7637057 bytes -~~ total allocations/frees...: 143088/143088 +~~ total memory allocated....: 7810338 bytes +~~ total memory freed........: 7810338 bytes +~~ total allocations/frees...: 146769/146769 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 532 chars ~~ json string max len.......: 2215 chars diff --git a/test/results/default/whatsappfiles.pcap.out b/test/results/default/whatsappfiles.pcap.out index 74c13ed2e..477df6ca5 100644 --- a/test/results/default/whatsappfiles.pcap.out +++ b/test/results/default/whatsappfiles.pcap.out @@ -30,9 +30,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7628511 bytes -~~ total memory freed........: 7628511 bytes -~~ total allocations/frees...: 143339/143339 +~~ total memory allocated....: 7801528 bytes +~~ total memory freed........: 7801528 bytes +~~ total allocations/frees...: 147020/147020 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 2206 chars diff --git a/test/results/default/whois.pcapng.out b/test/results/default/whois.pcapng.out index 4f4124b85..51bf7d9b9 100644 --- a/test/results/default/whois.pcapng.out +++ b/test/results/default/whois.pcapng.out @@ -36,9 +36,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604923 bytes -~~ total memory freed........: 7604923 bytes -~~ total allocations/frees...: 142743/142743 +~~ total memory allocated....: 7777964 bytes +~~ total memory freed........: 7777964 bytes +~~ total allocations/frees...: 146424/146424 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 2145 chars diff --git a/test/results/default/windowsupdate_over_http.pcap.out b/test/results/default/windowsupdate_over_http.pcap.out index 55d58c73b..4ce4100dc 100644 --- a/test/results/default/windowsupdate_over_http.pcap.out +++ b/test/results/default/windowsupdate_over_http.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7595239 bytes -~~ total memory freed........: 7595239 bytes -~~ total allocations/frees...: 142726/142726 +~~ total memory allocated....: 7768232 bytes +~~ total memory freed........: 7768232 bytes +~~ total allocations/frees...: 146407/146407 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 521 chars ~~ json string max len.......: 1617 chars diff --git a/test/results/default/wireguard.pcap.out b/test/results/default/wireguard.pcap.out index cfe2f0859..0550521b2 100644 --- a/test/results/default/wireguard.pcap.out +++ b/test/results/default/wireguard.pcap.out @@ -27,9 +27,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7597392 bytes -~~ total memory freed........: 7597392 bytes -~~ total allocations/frees...: 142753/142753 +~~ total memory allocated....: 7770409 bytes +~~ total memory freed........: 7770409 bytes +~~ total allocations/frees...: 146434/146434 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 515 chars ~~ json string max len.......: 1610 chars diff --git a/test/results/default/wow.pcap.out b/test/results/default/wow.pcap.out index cb96fffc0..011f654f7 100644 --- a/test/results/default/wow.pcap.out +++ b/test/results/default/wow.pcap.out @@ -50,9 +50,9 @@ ~~ total active/idle flows...: 5/5 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7611514 bytes -~~ total memory freed........: 7611514 bytes -~~ total allocations/frees...: 142846/142846 +~~ total memory allocated....: 7784603 bytes +~~ total memory freed........: 7784603 bytes +~~ total allocations/frees...: 146527/146527 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 1213 chars diff --git a/test/results/default/xdmcp.pcap.out b/test/results/default/xdmcp.pcap.out index 28aee9e77..61b0140b2 100644 --- a/test/results/default/xdmcp.pcap.out +++ b/test/results/default/xdmcp.pcap.out @@ -17,9 +17,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593934 bytes -~~ total memory freed........: 7593934 bytes -~~ total allocations/frees...: 142696/142696 +~~ total memory allocated....: 7766927 bytes +~~ total memory freed........: 7766927 bytes +~~ total allocations/frees...: 146377/146377 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 1091 chars diff --git a/test/results/default/xiaomi.pcap.out b/test/results/default/xiaomi.pcap.out index ea5eda3d2..65007e4ee 100644 --- a/test/results/default/xiaomi.pcap.out +++ b/test/results/default/xiaomi.pcap.out @@ -64,9 +64,9 @@ ~~ total active/idle flows...: 7/7 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7620947 bytes -~~ total memory freed........: 7620947 bytes -~~ total allocations/frees...: 142830/142830 +~~ total memory allocated....: 7794084 bytes +~~ total memory freed........: 7794084 bytes +~~ total allocations/frees...: 146511/146511 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 1835 chars diff --git a/test/results/default/xss.pcap.out b/test/results/default/xss.pcap.out index 83ad49d27..5f4127ffc 100644 --- a/test/results/default/xss.pcap.out +++ b/test/results/default/xss.pcap.out @@ -23,9 +23,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7596564 bytes -~~ total memory freed........: 7596564 bytes -~~ total allocations/frees...: 142720/142720 +~~ total memory allocated....: 7769581 bytes +~~ total memory freed........: 7769581 bytes +~~ total allocations/frees...: 146401/146401 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 509 chars ~~ json string max len.......: 1386 chars diff --git a/test/results/default/yandex.pcapng.out b/test/results/default/yandex.pcapng.out index 5b20da11d..f2ca5a947 100644 --- a/test/results/default/yandex.pcapng.out +++ b/test/results/default/yandex.pcapng.out @@ -90,9 +90,9 @@ ~~ total active/idle flows...: 9/9 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7708708 bytes -~~ total memory freed........: 7708708 bytes -~~ total allocations/frees...: 143006/143006 +~~ total memory allocated....: 7881893 bytes +~~ total memory freed........: 7881893 bytes +~~ total allocations/frees...: 146687/146687 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 514 chars ~~ json string max len.......: 2738 chars diff --git a/test/results/default/youtube_quic.pcap.out b/test/results/default/youtube_quic.pcap.out index 9c9948f83..25553b30d 100644 --- a/test/results/default/youtube_quic.pcap.out +++ b/test/results/default/youtube_quic.pcap.out @@ -34,9 +34,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7606533 bytes -~~ total memory freed........: 7606533 bytes -~~ total allocations/frees...: 143004/143004 +~~ total memory allocated....: 7779574 bytes +~~ total memory freed........: 7779574 bytes +~~ total allocations/frees...: 146685/146685 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 518 chars ~~ json string max len.......: 2350 chars diff --git a/test/results/default/youtubeupload.pcap.out b/test/results/default/youtubeupload.pcap.out index 4e083405a..fa4b80e83 100644 --- a/test/results/default/youtubeupload.pcap.out +++ b/test/results/default/youtubeupload.pcap.out @@ -36,9 +36,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7614440 bytes -~~ total memory freed........: 7614440 bytes -~~ total allocations/frees...: 142872/142872 +~~ total memory allocated....: 7787481 bytes +~~ total memory freed........: 7787481 bytes +~~ total allocations/frees...: 146553/146553 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 519 chars ~~ json string max len.......: 2355 chars diff --git a/test/results/default/z3950.pcapng.out b/test/results/default/z3950.pcapng.out index 96c6900bd..17fda95b6 100644 --- a/test/results/default/z3950.pcapng.out +++ b/test/results/default/z3950.pcapng.out @@ -26,9 +26,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7600879 bytes -~~ total memory freed........: 7600879 bytes -~~ total allocations/frees...: 142734/142734 +~~ total memory allocated....: 7773896 bytes +~~ total memory freed........: 7773896 bytes +~~ total allocations/frees...: 146415/146415 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 513 chars ~~ json string max len.......: 1110 chars diff --git a/test/results/default/zabbix.pcap.out b/test/results/default/zabbix.pcap.out index 055d35136..9dff8bb94 100644 --- a/test/results/default/zabbix.pcap.out +++ b/test/results/default/zabbix.pcap.out @@ -202,9 +202,9 @@ ~~ total active/idle flows...: 24/24 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7649456 bytes -~~ total memory freed........: 7649456 bytes -~~ total allocations/frees...: 143179/143179 +~~ total memory allocated....: 7823001 bytes +~~ total memory freed........: 7823001 bytes +~~ total allocations/frees...: 146860/146860 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 1004 chars diff --git a/test/results/default/zattoo.pcap.out b/test/results/default/zattoo.pcap.out index 9e74adb53..ffa206795 100644 --- a/test/results/default/zattoo.pcap.out +++ b/test/results/default/zattoo.pcap.out @@ -26,9 +26,9 @@ ~~ total active/idle flows...: 2/2 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7601301 bytes -~~ total memory freed........: 7601301 bytes -~~ total allocations/frees...: 142744/142744 +~~ total memory allocated....: 7774318 bytes +~~ total memory freed........: 7774318 bytes +~~ total allocations/frees...: 146425/146425 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 512 chars ~~ json string max len.......: 1982 chars diff --git a/test/results/default/zcash.pcap.out b/test/results/default/zcash.pcap.out index 32fb64576..106b41f3c 100644 --- a/test/results/default/zcash.pcap.out +++ b/test/results/default/zcash.pcap.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7600013 bytes -~~ total memory freed........: 7600013 bytes -~~ total allocations/frees...: 142836/142836 +~~ total memory allocated....: 7773006 bytes +~~ total memory freed........: 7773006 bytes +~~ total allocations/frees...: 146517/146517 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 2472 chars diff --git a/test/results/default/zoom.pcap.out b/test/results/default/zoom.pcap.out index 78e96652f..96aa09370 100644 --- a/test/results/default/zoom.pcap.out +++ b/test/results/default/zoom.pcap.out @@ -256,9 +256,9 @@ ~~ total active/idle flows...: 33/33 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7917218 bytes -~~ total memory freed........: 7917218 bytes -~~ total allocations/frees...: 143836/143836 +~~ total memory allocated....: 8090979 bytes +~~ total memory freed........: 8090979 bytes +~~ total allocations/frees...: 147517/147517 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 298 chars ~~ json string max len.......: 2404 chars diff --git a/test/results/default/zoom2.pcap.out b/test/results/default/zoom2.pcap.out index 5c169f237..9919e270b 100644 --- a/test/results/default/zoom2.pcap.out +++ b/test/results/default/zoom2.pcap.out @@ -54,9 +54,9 @@ ~~ total active/idle flows...: 5/5 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7686291 bytes -~~ total memory freed........: 7686291 bytes -~~ total allocations/frees...: 145257/145257 +~~ total memory allocated....: 7859380 bytes +~~ total memory freed........: 7859380 bytes +~~ total allocations/frees...: 148938/148938 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 2217 chars diff --git a/test/results/default/zoom_p2p.pcapng.out b/test/results/default/zoom_p2p.pcapng.out index ecdd2f622..ab8845bb7 100644 --- a/test/results/default/zoom_p2p.pcapng.out +++ b/test/results/default/zoom_p2p.pcapng.out @@ -137,9 +137,9 @@ ~~ total active/idle flows...: 13/13 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7641291 bytes -~~ total memory freed........: 7641291 bytes -~~ total allocations/frees...: 143582/143582 +~~ total memory allocated....: 7814572 bytes +~~ total memory freed........: 7814572 bytes +~~ total allocations/frees...: 147263/147263 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 516 chars ~~ json string max len.......: 2296 chars diff --git a/test/results/disable_aggressiveness/ookla.pcap.out b/test/results/disable_aggressiveness/ookla.pcap.out index fdabace80..19cfc7c76 100644 --- a/test/results/disable_aggressiveness/ookla.pcap.out +++ b/test/results/disable_aggressiveness/ookla.pcap.out @@ -61,9 +61,9 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7625096 bytes -~~ total memory freed........: 7625096 bytes -~~ total allocations/frees...: 142877/142877 +~~ total memory allocated....: 7798209 bytes +~~ total memory freed........: 7798209 bytes +~~ total allocations/frees...: 146558/146558 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 526 chars ~~ json string max len.......: 1414 chars diff --git a/test/results/disable_protocols/dns_long_domainname.pcap.out b/test/results/disable_protocols/dns_long_domainname.pcap.out index de911f5b4..925de37b3 100644 --- a/test/results/disable_protocols/dns_long_domainname.pcap.out +++ b/test/results/disable_protocols/dns_long_domainname.pcap.out @@ -15,9 +15,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7593842 bytes -~~ total memory freed........: 7593842 bytes -~~ total allocations/frees...: 142693/142693 +~~ total memory allocated....: 7766835 bytes +~~ total memory freed........: 7766835 bytes +~~ total allocations/frees...: 146374/146374 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 535 chars ~~ json string max len.......: 1231 chars diff --git a/test/results/disable_protocols/pluralsight.pcap.out b/test/results/disable_protocols/pluralsight.pcap.out index be30597e1..34657fd27 100644 --- a/test/results/disable_protocols/pluralsight.pcap.out +++ b/test/results/disable_protocols/pluralsight.pcap.out @@ -65,9 +65,9 @@ ~~ total active/idle flows...: 6/6 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7664002 bytes -~~ total memory freed........: 7664002 bytes -~~ total allocations/frees...: 142845/142845 +~~ total memory allocated....: 7837115 bytes +~~ total memory freed........: 7837115 bytes +~~ total allocations/frees...: 146526/146526 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 527 chars ~~ json string max len.......: 2533 chars diff --git a/test/results/disable_protocols/quic-mvfst-27.pcapng.out b/test/results/disable_protocols/quic-mvfst-27.pcapng.out index a906fd94c..1f65b3dc8 100644 --- a/test/results/disable_protocols/quic-mvfst-27.pcapng.out +++ b/test/results/disable_protocols/quic-mvfst-27.pcapng.out @@ -16,9 +16,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7604451 bytes -~~ total memory freed........: 7604451 bytes -~~ total allocations/frees...: 142731/142731 +~~ total memory allocated....: 7777444 bytes +~~ total memory freed........: 7777444 bytes +~~ total allocations/frees...: 146412/146412 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 531 chars ~~ json string max len.......: 2285 chars diff --git a/test/results/disable_protocols/soap.pcap.out b/test/results/disable_protocols/soap.pcap.out index 7e2b39deb..7d8a2ba90 100644 --- a/test/results/disable_protocols/soap.pcap.out +++ b/test/results/disable_protocols/soap.pcap.out @@ -30,9 +30,9 @@ ~~ total active/idle flows...: 3/3 ~~ total timeout flows.......: 1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7602826 bytes -~~ total memory freed........: 7602826 bytes -~~ total allocations/frees...: 142740/142740 +~~ total memory allocated....: 7775867 bytes +~~ total memory freed........: 7775867 bytes +~~ total allocations/frees...: 146421/146421 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 520 chars ~~ json string max len.......: 2479 chars diff --git a/test/results/disable_stun_monitoring/lru_ipv6_caches.pcapng.out b/test/results/disable_stun_monitoring/lru_ipv6_caches.pcapng.out index 81a8b9735..1d68e15b5 100644 --- a/test/results/disable_stun_monitoring/lru_ipv6_caches.pcapng.out +++ b/test/results/disable_stun_monitoring/lru_ipv6_caches.pcapng.out @@ -89,9 +89,9 @@ ~~ total active/idle flows...: 12/12 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7634427 bytes -~~ total memory freed........: 7634427 bytes -~~ total allocations/frees...: 142923/142923 +~~ total memory allocated....: 7807684 bytes +~~ total memory freed........: 7807684 bytes +~~ total allocations/frees...: 146604/146604 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 539 chars ~~ json string max len.......: 2417 chars diff --git a/test/results/enable_doh_heuristic/doh.pcapng.out b/test/results/enable_doh_heuristic/doh.pcapng.out index 1ffa06cb9..5aa0c6b0e 100644 --- a/test/results/enable_doh_heuristic/doh.pcapng.out +++ b/test/results/enable_doh_heuristic/doh.pcapng.out @@ -19,9 +19,9 @@ ~~ total active/idle flows...: 1/1 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7607170 bytes -~~ total memory freed........: 7607170 bytes -~~ total allocations/frees...: 142816/142816 +~~ total memory allocated....: 7780163 bytes +~~ total memory freed........: 7780163 bytes +~~ total allocations/frees...: 146497/146497 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 524 chars ~~ json string max len.......: 2293 chars diff --git a/test/results/enable_payload_stat/1kxun.pcap.out b/test/results/enable_payload_stat/1kxun.pcap.out index 679c07b50..e9cdae993 100644 --- a/test/results/enable_payload_stat/1kxun.pcap.out +++ b/test/results/enable_payload_stat/1kxun.pcap.out @@ -1290,9 +1290,9 @@ ~~ total active/idle flows...: 197/197 ~~ total timeout flows.......: 20 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8140447 bytes -~~ total memory freed........: 8140447 bytes -~~ total allocations/frees...: 147334/147334 +~~ total memory allocated....: 8318144 bytes +~~ total memory freed........: 8318144 bytes +~~ total allocations/frees...: 151015/151015 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 523 chars ~~ json string max len.......: 11864 chars diff --git a/test/results/enable_stun_monitoring_with_subproto/wa_voice.pcap.out b/test/results/enable_stun_monitoring_with_subproto/wa_voice.pcap.out index b12fdc9c8..c86995880 100644 --- a/test/results/enable_stun_monitoring_with_subproto/wa_voice.pcap.out +++ b/test/results/enable_stun_monitoring_with_subproto/wa_voice.pcap.out @@ -213,9 +213,9 @@ ~~ total active/idle flows...: 28/28 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7686602 bytes -~~ total memory freed........: 7686602 bytes -~~ total allocations/frees...: 143722/143722 +~~ total memory allocated....: 7860243 bytes +~~ total memory freed........: 7860243 bytes +~~ total allocations/frees...: 147403/147403 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 543 chars ~~ json string max len.......: 2530 chars diff --git a/test/results/flow-analyse/default/dns-google-nsid.pcapng.out b/test/results/flow-analyse/default/dns-google-nsid.pcapng.out new file mode 100644 index 000000000..bab73746f --- /dev/null +++ b/test/results/flow-analyse/default/dns-google-nsid.pcapng.out @@ -0,0 +1 @@ +flow_datalink,l3_proto,src_ip,dst_ip,l4_proto,src_port,dst_port,flow_state,flow_src_packets_processed,flow_dst_packets_processed,flow_first_seen,flow_src_last_pkt_time,flow_dst_last_pkt_time,flow_src_min_l4_payload_len,flow_dst_min_l4_payload_len,flow_src_max_l4_payload_len,flow_dst_max_l4_payload_len,flow_src_tot_l4_payload_len,flow_dst_tot_l4_payload_len,midstream,iat_min,iat_avg,iat_max,iat_stddev,iat_var,iat_ent,iat_data,pktlen_min,pktlen_avg,pktlen_max,pktlen_stddev,pktlen_var,pktlen_ent,pktlen_data,bins_c_to_s,bins_s_to_c,directions,entropies,proto,proto_id,encrypted,breed,category,confidence_id,confidence,risks diff --git a/test/results/flow-analyse/default/mullvad_dns.pcap.out b/test/results/flow-analyse/default/mullvad_dns.pcap.out new file mode 100644 index 000000000..bab73746f --- /dev/null +++ b/test/results/flow-analyse/default/mullvad_dns.pcap.out @@ -0,0 +1 @@ +flow_datalink,l3_proto,src_ip,dst_ip,l4_proto,src_port,dst_port,flow_state,flow_src_packets_processed,flow_dst_packets_processed,flow_first_seen,flow_src_last_pkt_time,flow_dst_last_pkt_time,flow_src_min_l4_payload_len,flow_dst_min_l4_payload_len,flow_src_max_l4_payload_len,flow_dst_max_l4_payload_len,flow_src_tot_l4_payload_len,flow_dst_tot_l4_payload_len,midstream,iat_min,iat_avg,iat_max,iat_stddev,iat_var,iat_ent,iat_data,pktlen_min,pktlen_avg,pktlen_max,pktlen_stddev,pktlen_var,pktlen_ent,pktlen_data,bins_c_to_s,bins_s_to_c,directions,entropies,proto,proto_id,encrypted,breed,category,confidence_id,confidence,risks diff --git a/test/results/flow-analyse/default/mullvad_wireguard.pcap.out b/test/results/flow-analyse/default/mullvad_wireguard.pcap.out new file mode 100644 index 000000000..bab73746f --- /dev/null +++ b/test/results/flow-analyse/default/mullvad_wireguard.pcap.out @@ -0,0 +1 @@ +flow_datalink,l3_proto,src_ip,dst_ip,l4_proto,src_port,dst_port,flow_state,flow_src_packets_processed,flow_dst_packets_processed,flow_first_seen,flow_src_last_pkt_time,flow_dst_last_pkt_time,flow_src_min_l4_payload_len,flow_dst_min_l4_payload_len,flow_src_max_l4_payload_len,flow_dst_max_l4_payload_len,flow_src_tot_l4_payload_len,flow_dst_tot_l4_payload_len,midstream,iat_min,iat_avg,iat_max,iat_stddev,iat_var,iat_ent,iat_data,pktlen_min,pktlen_avg,pktlen_max,pktlen_stddev,pktlen_var,pktlen_ent,pktlen_data,bins_c_to_s,bins_s_to_c,directions,entropies,proto,proto_id,encrypted,breed,category,confidence_id,confidence,risks diff --git a/test/results/flow-analyse/default/shadowsocks.pcap.out b/test/results/flow-analyse/default/shadowsocks.pcap.out new file mode 100644 index 000000000..bab73746f --- /dev/null +++ b/test/results/flow-analyse/default/shadowsocks.pcap.out @@ -0,0 +1 @@ +flow_datalink,l3_proto,src_ip,dst_ip,l4_proto,src_port,dst_port,flow_state,flow_src_packets_processed,flow_dst_packets_processed,flow_first_seen,flow_src_last_pkt_time,flow_dst_last_pkt_time,flow_src_min_l4_payload_len,flow_dst_min_l4_payload_len,flow_src_max_l4_payload_len,flow_dst_max_l4_payload_len,flow_src_tot_l4_payload_len,flow_dst_tot_l4_payload_len,midstream,iat_min,iat_avg,iat_max,iat_stddev,iat_var,iat_ent,iat_data,pktlen_min,pktlen_avg,pktlen_max,pktlen_stddev,pktlen_var,pktlen_ent,pktlen_data,bins_c_to_s,bins_s_to_c,directions,entropies,proto,proto_id,encrypted,breed,category,confidence_id,confidence,risks diff --git a/test/results/flow-analyse/default/srvloc-v1.pcapng.out b/test/results/flow-analyse/default/srvloc-v1.pcapng.out new file mode 100644 index 000000000..bab73746f --- /dev/null +++ b/test/results/flow-analyse/default/srvloc-v1.pcapng.out @@ -0,0 +1 @@ +flow_datalink,l3_proto,src_ip,dst_ip,l4_proto,src_port,dst_port,flow_state,flow_src_packets_processed,flow_dst_packets_processed,flow_first_seen,flow_src_last_pkt_time,flow_dst_last_pkt_time,flow_src_min_l4_payload_len,flow_dst_min_l4_payload_len,flow_src_max_l4_payload_len,flow_dst_max_l4_payload_len,flow_src_tot_l4_payload_len,flow_dst_tot_l4_payload_len,midstream,iat_min,iat_avg,iat_max,iat_stddev,iat_var,iat_ent,iat_data,pktlen_min,pktlen_avg,pktlen_max,pktlen_stddev,pktlen_var,pktlen_ent,pktlen_data,bins_c_to_s,bins_s_to_c,directions,entropies,proto,proto_id,encrypted,breed,category,confidence_id,confidence,risks diff --git a/test/results/flow-analyse/default/srvloc.pcap.out b/test/results/flow-analyse/default/srvloc.pcap.out new file mode 100644 index 000000000..bab73746f --- /dev/null +++ b/test/results/flow-analyse/default/srvloc.pcap.out @@ -0,0 +1 @@ +flow_datalink,l3_proto,src_ip,dst_ip,l4_proto,src_port,dst_port,flow_state,flow_src_packets_processed,flow_dst_packets_processed,flow_first_seen,flow_src_last_pkt_time,flow_dst_last_pkt_time,flow_src_min_l4_payload_len,flow_dst_min_l4_payload_len,flow_src_max_l4_payload_len,flow_dst_max_l4_payload_len,flow_src_tot_l4_payload_len,flow_dst_tot_l4_payload_len,midstream,iat_min,iat_avg,iat_max,iat_stddev,iat_var,iat_ent,iat_data,pktlen_min,pktlen_avg,pktlen_max,pktlen_stddev,pktlen_var,pktlen_ent,pktlen_data,bins_c_to_s,bins_s_to_c,directions,entropies,proto,proto_id,encrypted,breed,category,confidence_id,confidence,risks diff --git a/test/results/flow-info/default/KakaoTalk_chat.pcap.out b/test/results/flow-info/default/KakaoTalk_chat.pcap.out index 9a3507619..97503477a 100644 --- a/test/results/flow-info/default/KakaoTalk_chat.pcap.out +++ b/test/results/flow-info/default/KakaoTalk_chat.pcap.out @@ -212,6 +212,7 @@ idle: [....37] [ip4][..tcp] [...10.24.82.188][49217] -> [.216.58.220.174][..443] [TLS][Google][Web][Safe] RISK: Unidirectional Traffic guessed: [....13] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080] [HTTP_Proxy][Unknown][Web][Acceptable][] + RISK: Fully encrypted flow idle: [....13] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080] end: [....20] [ip4][..tcp] [...10.24.82.188][37821] -> [.210.103.240.15][..443] idle: [....28] [ip4][..udp] [...10.24.82.188][14650] -> [.....10.188.1.1][...53] [DNS][Unknown][Network][Acceptable] diff --git a/test/results/flow-info/default/Oscar.pcap.out b/test/results/flow-info/default/Oscar.pcap.out index bf180a05d..f9553705b 100644 --- a/test/results/flow-info/default/Oscar.pcap.out +++ b/test/results/flow-info/default/Oscar.pcap.out @@ -13,5 +13,6 @@ [PKTLENS.....: 64,46,40,355,50,40,605,40,92,130,40,56,1400,337,40,66,46,152,497,40,270,40,252,46,335,76,46,78,40,78,46,76] [ENTROPIES...: 4.4,4.9,4.7,7.1,4.7,4.7,5.2,4.7,4.0,4.3,4.6,4.3,3.8,3.9,4.6,4.3,4.5,3.5,4.2,4.6,3.7,4.6,5.5,4.5,3.4,4.8,4.5,5.0,4.6,4.5,4.5,4.8] guessed: [.....1] [ip4][..tcp] [.....10.30.29.3][63357] -> [.178.237.24.249][..443] [TLS][Unknown][Web][Safe] + RISK: Fully encrypted flow idle: [.....1] [ip4][..tcp] [.....10.30.29.3][63357] -> [.178.237.24.249][..443] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/custom_rules_same-ip_multiple_ports.pcapng.out b/test/results/flow-info/default/custom_rules_same-ip_multiple_ports.pcapng.out index 60c0f1c51..0892bc8fd 100644 --- a/test/results/flow-info/default/custom_rules_same-ip_multiple_ports.pcapng.out +++ b/test/results/flow-info/default/custom_rules_same-ip_multiple_ports.pcapng.out @@ -3,6 +3,12 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [..192.168.1.245][56866] -> [........3.3.3.3][..443] new: [.....2] [ip4][..tcp] [..192.168.1.245][59682] -> [........3.3.3.3][..444] + DAEMON-EVENT: [Processed: 5 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....3] [ip4][..tcp] [..192.168.1.245][58288] -> [........3.3.3.3][..446] + not-detected: [.....3] [ip4][..tcp] [..192.168.1.245][58288] -> [........3.3.3.3][..446] [Unknown][Unknown][Unrated] + RISK: Unidirectional Traffic + idle: [.....3] [ip4][..tcp] [..192.168.1.245][58288] -> [........3.3.3.3][..446] guessed: [.....1] [ip4][..tcp] [..192.168.1.245][56866] -> [........3.3.3.3][..443] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [..192.168.1.245][56866] -> [........3.3.3.3][..443] diff --git a/test/results/flow-info/default/dns-google-nsid.pcapng.out b/test/results/flow-info/default/dns-google-nsid.pcapng.out new file mode 100644 index 000000000..36db0919e --- /dev/null +++ b/test/results/flow-info/default/dns-google-nsid.pcapng.out @@ -0,0 +1,41 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip6][..udp] [...2001:b07:a3d:c112:b332:20d:89ab:105e][41624] -> [...................2001:4860:4860::8844][...53] + detected: [.....1] [ip6][..udp] [...2001:b07:a3d:c112:b332:20d:89ab:105e][41624] -> [...................2001:4860:4860::8844][...53] [DNS][Unknown][Network][Acceptable][] + RISK: Unidirectional Traffic + detection-update: [.....1] [ip6][..udp] [...2001:b07:a3d:c112:b332:20d:89ab:105e][41624] -> [...................2001:4860:4860::8844][...53] [DNS][Unknown][Network][Acceptable][] + DAEMON-EVENT: [Processed: 2 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0] + new: [.....2] [ip4][..udp] [...192.168.1.29][58580] -> [........8.8.4.4][...53] + detected: [.....2] [ip4][..udp] [...192.168.1.29][58580] -> [........8.8.4.4][...53] [DNS.ntop][Google][Network][Safe][www.ntop.org] + RISK: Unidirectional Traffic + detection-update: [.....2] [ip4][..udp] [...192.168.1.29][58580] -> [........8.8.4.4][...53] [DNS.ntop][Google][Network][Safe][www.ntop.org] + new: [.....3] [ip4][..udp] [...192.168.1.29][62500] -> [........8.8.4.4][...53] + detected: [.....3] [ip4][..udp] [...192.168.1.29][62500] -> [........8.8.4.4][...53] [DNS.Wikipedia][Google][Network][Safe][www.wikipedia.it] + RISK: Unidirectional Traffic + detection-update: [.....3] [ip4][..udp] [...192.168.1.29][62500] -> [........8.8.4.4][...53] [DNS.Wikipedia][Google][Network][Safe][www.wikipedia.it] + new: [.....4] [ip4][..udp] [...192.168.1.29][51166] -> [........8.8.4.4][...53] + detected: [.....4] [ip4][..udp] [...192.168.1.29][51166] -> [........8.8.4.4][...53] [DNS][Google][Network][Acceptable][www.wireshark.org] + RISK: Unidirectional Traffic + detection-update: [.....4] [ip4][..udp] [...192.168.1.29][51166] -> [........8.8.4.4][...53] [DNS][Google][Network][Acceptable][www.wireshark.org] + idle: [.....1] [ip6][..udp] [...2001:b07:a3d:c112:b332:20d:89ab:105e][41624] -> [...................2001:4860:4860::8844][...53] [DNS][Unknown][Network][Acceptable] + new: [.....5] [ip6][..udp] [...............2a03:b0c0:2:d0::360:4001][46618] -> [...................2001:4860:4860::8888][...53] + detected: [.....5] [ip6][..udp] [...............2a03:b0c0:2:d0::360:4001][46618] -> [...................2001:4860:4860::8888][...53] [DNS.ntop][Unknown][Network][Safe][www.ntop.org] + RISK: Unidirectional Traffic + detection-update: [.....5] [ip6][..udp] [...............2a03:b0c0:2:d0::360:4001][46618] -> [...................2001:4860:4860::8888][...53] [DNS.ntop][Unknown][Network][Safe][www.ntop.org] + new: [.....6] [ip6][..udp] [...............2a03:b0c0:2:d0::360:4001][44924] -> [...................2001:4860:4860::8888][...53] + detected: [.....6] [ip6][..udp] [...............2a03:b0c0:2:d0::360:4001][44924] -> [...................2001:4860:4860::8888][...53] [DNS.Wikipedia][Unknown][Network][Safe][www.wikipedia.it] + RISK: Unidirectional Traffic + detection-update: [.....6] [ip6][..udp] [...............2a03:b0c0:2:d0::360:4001][44924] -> [...................2001:4860:4860::8888][...53] [DNS.Wikipedia][Unknown][Network][Safe][www.wikipedia.it] + new: [.....7] [ip6][..udp] [...............2a03:b0c0:2:d0::360:4001][43660] -> [...................2001:4860:4860::8888][...53] + detected: [.....7] [ip6][..udp] [...............2a03:b0c0:2:d0::360:4001][43660] -> [...................2001:4860:4860::8888][...53] [DNS][Unknown][Network][Acceptable][www.wireshark.org] + RISK: Unidirectional Traffic + detection-update: [.....7] [ip6][..udp] [...............2a03:b0c0:2:d0::360:4001][43660] -> [...................2001:4860:4860::8888][...53] [DNS][Unknown][Network][Acceptable][www.wireshark.org] + idle: [.....4] [ip4][..udp] [...192.168.1.29][51166] -> [........8.8.4.4][...53] [DNS][Google][Network][Acceptable] + idle: [.....5] [ip6][..udp] [...............2a03:b0c0:2:d0::360:4001][46618] -> [...................2001:4860:4860::8888][...53] [DNS.ntop][Unknown][Network][Safe] + idle: [.....6] [ip6][..udp] [...............2a03:b0c0:2:d0::360:4001][44924] -> [...................2001:4860:4860::8888][...53] [DNS.Wikipedia][Unknown][Network][Safe] + idle: [.....3] [ip4][..udp] [...192.168.1.29][62500] -> [........8.8.4.4][...53] [DNS.Wikipedia][Google][Network][Safe] + idle: [.....2] [ip4][..udp] [...192.168.1.29][58580] -> [........8.8.4.4][...53] [DNS.ntop][Google][Network][Safe] + idle: [.....7] [ip6][..udp] [...............2a03:b0c0:2:d0::360:4001][43660] -> [...................2001:4860:4860::8888][...53] [DNS][Unknown][Network][Acceptable] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/gnutella.pcap.out b/test/results/flow-info/default/gnutella.pcap.out index 4a3cb4e16..63e7eebba 100644 --- a/test/results/flow-info/default/gnutella.pcap.out +++ b/test/results/flow-info/default/gnutella.pcap.out @@ -4887,7 +4887,7 @@ new: [...759] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] detected: [...759] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic - guessed: [...369] [ip4][..udp] [......10.0.2.15][28681] -> [.89.187.171.240][.6346] [ProtonVPN][ProtonVPN][VPN][Acceptable] + not-detected: [...369] [ip4][..udp] [......10.0.2.15][28681] -> [.89.187.171.240][.6346] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...369] [ip4][..udp] [......10.0.2.15][28681] -> [.89.187.171.240][.6346] update: [...754] [ip4][..udp] [......10.0.2.15][28681] -> [..84.125.218.84][17561] @@ -7035,7 +7035,7 @@ new: [...801] [ip6][icmp6] [..............fe80::c50d:519f:96a4:e108] -> [...............................ff02::16] detected: [...801] [ip6][icmp6] [..............fe80::c50d:519f:96a4:e108] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 3882 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 169 / 801|skipped: 0|!detected: 309|guessed: 3|detection-updates: 5|updates: 2519] + DAEMON-EVENT: [Flows][active: 169 / 801|skipped: 0|!detected: 310|guessed: 2|detection-updates: 5|updates: 2519] not-detected: [....52] [ip4][..tcp] [......10.0.2.15][50212] -> [...95.17.124.40][.6776] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....52] [ip4][..tcp] [......10.0.2.15][50212] -> [...95.17.124.40][.6776] diff --git a/test/results/flow-info/default/mongo_false_positive.pcapng.out b/test/results/flow-info/default/mongo_false_positive.pcapng.out index 3b58d543d..8201fa0cb 100644 --- a/test/results/flow-info/default/mongo_false_positive.pcapng.out +++ b/test/results/flow-info/default/mongo_false_positive.pcapng.out @@ -3,5 +3,6 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [..188.75.184.20][49542] -> [.251.182.120.32][..443] guessed: [.....1] [ip4][..tcp] [..188.75.184.20][49542] -> [.251.182.120.32][..443] [TLS][Unknown][Web][Safe] + RISK: Fully encrypted flow end: [.....1] [ip4][..tcp] [..188.75.184.20][49542] -> [.251.182.120.32][..443] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/mullvad_dns.pcap.out b/test/results/flow-info/default/mullvad_dns.pcap.out new file mode 100644 index 000000000..7bcbc4e42 --- /dev/null +++ b/test/results/flow-info/default/mullvad_dns.pcap.out @@ -0,0 +1,9 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [.192.168.122.11][51696] -> [........9.9.9.9][...53] + detected: [.....1] [ip4][..udp] [.192.168.122.11][51696] -> [........9.9.9.9][...53] [DNS.Mullvad][Unknown][Network][Acceptable][www.mullvad.net] + RISK: Unidirectional Traffic + detection-update: [.....1] [ip4][..udp] [.192.168.122.11][51696] -> [........9.9.9.9][...53] [DNS.Mullvad][Unknown][Network][Acceptable][www.mullvad.net] + idle: [.....1] [ip4][..udp] [.192.168.122.11][51696] -> [........9.9.9.9][...53] [DNS.Mullvad][Unknown][Network][Acceptable] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/mullvad_wireguard.pcap.out b/test/results/flow-info/default/mullvad_wireguard.pcap.out new file mode 100644 index 000000000..392ed7c24 --- /dev/null +++ b/test/results/flow-info/default/mullvad_wireguard.pcap.out @@ -0,0 +1,9 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [.192.168.122.11][22595] -> [..198.54.131.98][.5060] + detected: [.....1] [ip4][..udp] [.192.168.122.11][22595] -> [..198.54.131.98][.5060] [WireGuard][Mullvad][VPN][Acceptable] + RISK: Known Proto on Non Std Port + idle: [.....1] [ip4][..udp] [.192.168.122.11][22595] -> [..198.54.131.98][.5060] [WireGuard][Mullvad][VPN][Acceptable] + RISK: Known Proto on Non Std Port + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ossfuzz_seed_fake_traces_2.pcapng.out b/test/results/flow-info/default/ossfuzz_seed_fake_traces_2.pcapng.out index 6f41be32b..cf4ab63c7 100644 --- a/test/results/flow-info/default/ossfuzz_seed_fake_traces_2.pcapng.out +++ b/test/results/flow-info/default/ossfuzz_seed_fake_traces_2.pcapng.out @@ -12,7 +12,12 @@ detected: [.....4] [ip4][..udp] [.......10.9.0.1][43462] -> [.......10.9.0.2][51820] [WireGuard][Unknown][VPN][Acceptable] idle: [.....1] [ip4][..tcp] [.172.26.235.166][55630] -> [...172.30.92.62][..119] [Usenet][Unknown][Web][Acceptable] idle: [.....2] [ip4][..tcp] [.192.168.190.20][55630] -> [..192.168.190.5][..119] [Usenet][Unknown][Web][Acceptable] + DAEMON-EVENT: [Processed: 16 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....5] [ip4][..tcp] [..172.16.20.244][59038] -> [...172.16.20.75][.5432] + detected: [.....5] [ip4][..tcp] [..172.16.20.244][59038] -> [...172.16.20.75][.5432] [PostgreSQL][Unknown][Database][Acceptable] guessed: [.....3] [ip4][..udp] [..10.147.205.42][43462] -> [..10.45.123.132][51820] [WireGuard][Unknown][VPN][Acceptable] idle: [.....3] [ip4][..udp] [..10.147.205.42][43462] -> [..10.45.123.132][51820] + end: [.....5] [ip4][..tcp] [..172.16.20.244][59038] -> [...172.16.20.75][.5432] [PostgreSQL][Unknown][Database][Acceptable] idle: [.....4] [ip4][..udp] [.......10.9.0.1][43462] -> [.......10.9.0.2][51820] [WireGuard][Unknown][VPN][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/protonvpn.pcap.out b/test/results/flow-info/default/protonvpn.pcap.out index d060a3f8a..97f3f0072 100644 --- a/test/results/flow-info/default/protonvpn.pcap.out +++ b/test/results/flow-info/default/protonvpn.pcap.out @@ -7,7 +7,13 @@ new: [.....2] [ip4][..udp] [......10.0.2.15][57701] -> [....217.23.3.76][..443] detected: [.....2] [ip4][..udp] [......10.0.2.15][57701] -> [....217.23.3.76][..443] [WireGuard][ProtonVPN][VPN][Acceptable] RISK: Known Proto on Non Std Port + DAEMON-EVENT: [Processed: 40 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 0] + new: [.....3] [ip4][..tcp] [....2.58.241.67][37710] -> [........8.8.8.8][..443] idle: [.....2] [ip4][..udp] [......10.0.2.15][57701] -> [....217.23.3.76][..443] [WireGuard][ProtonVPN][VPN][Acceptable] RISK: Known Proto on Non Std Port idle: [.....1] [ip4][..tcp] [......10.0.2.15][37810] -> [185.159.159.148][..443] + guessed: [.....3] [ip4][..tcp] [....2.58.241.67][37710] -> [........8.8.8.8][..443] [TLS][Google][Web][Safe] + RISK: Anonymous Subscriber, Unidirectional Traffic + idle: [.....3] [ip4][..tcp] [....2.58.241.67][37710] -> [........8.8.8.8][..443] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/shadowsocks.pcap.out b/test/results/flow-info/default/shadowsocks.pcap.out new file mode 100644 index 000000000..72e5cc52f --- /dev/null +++ b/test/results/flow-info/default/shadowsocks.pcap.out @@ -0,0 +1,11 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [......127.0.0.1][37904] -> [......127.0.0.1][.1080] + detected: [.....1] [ip4][..tcp] [......127.0.0.1][37904] -> [......127.0.0.1][.1080] [SOCKS][Unknown][Web][Acceptable] + new: [.....2] [ip4][..tcp] [......127.0.0.1][44276] -> [......127.0.0.1][.8388] + end: [.....1] [ip4][..tcp] [......127.0.0.1][37904] -> [......127.0.0.1][.1080] [SOCKS][Unknown][Web][Acceptable] + not-detected: [.....2] [ip4][..tcp] [......127.0.0.1][44276] -> [......127.0.0.1][.8388] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow + end: [.....2] [ip4][..tcp] [......127.0.0.1][44276] -> [......127.0.0.1][.8388] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/skype.pcap.out b/test/results/flow-info/default/skype.pcap.out index e4d5f3760..7681146fd 100644 --- a/test/results/flow-info/default/skype.pcap.out +++ b/test/results/flow-info/default/skype.pcap.out @@ -1414,6 +1414,7 @@ guessed: [....19] [ip4][..tcp] [...192.168.1.34][50030] -> [...65.55.223.33][..443] [TLS][Unknown][Web][Safe] end: [....19] [ip4][..tcp] [...192.168.1.34][50030] -> [...65.55.223.33][..443] not-detected: [.....9] [ip4][..tcp] [...192.168.1.34][50026] -> [...65.55.223.33][40002] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [.....9] [ip4][..tcp] [...192.168.1.34][50026] -> [...65.55.223.33][40002] update: [.....4] [ip4][..udp] [...192.168.1.34][52850] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -1484,8 +1485,10 @@ detected: [...293] [ip4][..udp] [...192.168.1.34][55893] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][ui.skype.com] RISK: Unidirectional Traffic not-detected: [....50] [ip4][..tcp] [...192.168.1.34][50033] -> [..157.55.56.170][40015] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [....50] [ip4][..tcp] [...192.168.1.34][50033] -> [..157.55.56.170][40015] not-detected: [....51] [ip4][..tcp] [...192.168.1.34][50034] -> [.157.55.130.140][40033] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [....51] [ip4][..tcp] [...192.168.1.34][50034] -> [.157.55.130.140][40033] guessed: [...148] [ip4][..tcp] [...192.168.1.34][50024] -> [..17.172.100.36][..443] [TLS][Apple][Web][Safe] end: [...148] [ip4][..tcp] [...192.168.1.34][50024] -> [..17.172.100.36][..443] @@ -1528,42 +1531,59 @@ [PKTLENS.....: 64,64,52,92,87,52,69,66,52,66,52,56,52,828,52,1076,52,142,52,608,87,132,81,97,52,81,52,100,52,52,52,52] [ENTROPIES...: 4.7,4.7,4.9,6.0,6.0,5.3,5.7,5.7,5.3,5.7,5.3,5.3,5.3,7.7,5.4,7.8,5.1,6.6,5.2,7.6,6.1,6.5,5.9,6.2,5.2,5.8,5.2,6.2,5.2,5.3,5.2,5.3] not-detected: [...221] [ip4][..tcp] [...192.168.1.34][50098] -> [...65.55.223.15][40026] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...221] [ip4][..tcp] [...192.168.1.34][50098] -> [...65.55.223.15][40026] not-detected: [...101] [ip4][..tcp] [...192.168.1.34][50046] -> [.157.55.130.150][40011] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...101] [ip4][..tcp] [...192.168.1.34][50046] -> [.157.55.130.150][40011] not-detected: [...134] [ip4][..tcp] [...192.168.1.34][50054] -> [.157.55.130.153][40005] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...134] [ip4][..tcp] [...192.168.1.34][50054] -> [.157.55.130.153][40005] idle: [.....4] [ip4][..udp] [...192.168.1.34][52850] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [...113] [ip4][..tcp] [...192.168.1.34][50049] -> [.157.55.130.166][40021] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...113] [ip4][..tcp] [...192.168.1.34][50049] -> [.157.55.130.166][40021] not-detected: [....87] [ip4][..tcp] [...192.168.1.34][50044] -> [.157.55.130.167][40031] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [....87] [ip4][..tcp] [...192.168.1.34][50044] -> [.157.55.130.167][40031] not-detected: [...194] [ip4][..tcp] [...192.168.1.34][50074] -> [.157.55.130.173][40003] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...194] [ip4][..tcp] [...192.168.1.34][50074] -> [.157.55.130.173][40003] not-detected: [...133] [ip4][..tcp] [...192.168.1.34][50053] -> [..157.55.56.146][40030] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...133] [ip4][..tcp] [...192.168.1.34][50053] -> [..157.55.56.146][40030] idle: [...150] [ip4][..udp] [...192.168.1.34][63108] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe] RISK: Unidirectional Traffic not-detected: [...177] [ip4][..tcp] [...192.168.1.34][50070] -> [.157.55.130.170][40018] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...177] [ip4][..tcp] [...192.168.1.34][50070] -> [.157.55.130.170][40018] not-detected: [...196] [ip4][..tcp] [...192.168.1.34][50076] -> [.157.55.235.156][40014] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...196] [ip4][..tcp] [...192.168.1.34][50076] -> [.157.55.235.156][40014] not-detected: [...168] [ip4][..tcp] [...192.168.1.34][50067] -> [..157.55.56.160][40027] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...168] [ip4][..tcp] [...192.168.1.34][50067] -> [..157.55.56.160][40027] not-detected: [...200] [ip4][..tcp] [...192.168.1.34][50077] -> [.157.55.130.176][40022] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...200] [ip4][..tcp] [...192.168.1.34][50077] -> [.157.55.130.176][40022] not-detected: [...217] [ip4][..tcp] [...192.168.1.34][50092] -> [.157.55.130.155][40020] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...217] [ip4][..tcp] [...192.168.1.34][50092] -> [.157.55.130.155][40020] not-detected: [....57] [ip4][..tcp] [...192.168.1.34][50035] -> [213.199.179.175][40021] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [....57] [ip4][..tcp] [...192.168.1.34][50035] -> [213.199.179.175][40021] not-detected: [...220] [ip4][..tcp] [...192.168.1.34][50097] -> [.157.55.235.176][40022] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...220] [ip4][..tcp] [...192.168.1.34][50097] -> [.157.55.235.176][40022] not-detected: [...288] [ip4][..tcp] [...192.168.1.34][50143] -> [.78.202.226.115][29059] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...288] [ip4][..tcp] [...192.168.1.34][50143] -> [.78.202.226.115][29059] not-detected: [...289] [ip4][..tcp] [...192.168.1.34][50144] -> [.78.202.226.115][29059] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...289] [ip4][..tcp] [...192.168.1.34][50144] -> [.78.202.226.115][29059] not-detected: [...195] [ip4][..tcp] [...192.168.1.34][50075] -> [213.199.179.142][40003] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...195] [ip4][..tcp] [...192.168.1.34][50075] -> [213.199.179.142][40003] idle: [....69] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.24][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic @@ -1591,12 +1611,14 @@ RISK: Unidirectional Traffic idle: [...214] [ip4][..udp] [...192.168.1.34][63321] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] not-detected: [....49] [ip4][..tcp] [...192.168.1.34][50032] -> [...157.56.52.44][40032] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [....49] [ip4][..tcp] [...192.168.1.34][50032] -> [...157.56.52.44][40032] idle: [...149] [ip4][..udp] [...192.168.1.34][55159] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe] RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [...192.168.1.34][65426] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [...227] [ip4][..tcp] [...192.168.1.34][50108] -> [...157.56.52.28][40009] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...227] [ip4][..tcp] [...192.168.1.34][50108] -> [...157.56.52.28][40009] idle: [...228] [ip4][..udp] [...192.168.1.34][49485] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [...231] [ip4][.icmp] [....192.168.1.1] -> [...192.168.1.34] [ICMP][Unknown][Network][Acceptable] @@ -1630,14 +1652,18 @@ RISK: Unidirectional Traffic idle: [...239] [ip6][..udp] [...............fe80::c62c:3ff:fe06:49fe][.5353] -> [...............................ff02::fb][.5353] not-detected: [...266] [ip4][..tcp] [...192.168.1.34][50130] -> [...212.161.8.36][13392] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...266] [ip4][..tcp] [...192.168.1.34][50130] -> [...212.161.8.36][13392] end: [...269] [ip4][..tcp] [...192.168.1.34][50131] -> [...212.161.8.36][13392] [TLS][Unknown][Web][Safe] RISK: Known Proto on Non Std Port not-detected: [...243] [ip4][..tcp] [...192.168.1.34][50112] -> [...76.167.161.6][20274] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...243] [ip4][..tcp] [...192.168.1.34][50112] -> [...76.167.161.6][20274] not-detected: [...280] [ip4][..tcp] [...192.168.1.34][50135] -> [...76.167.161.6][20274] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...280] [ip4][..tcp] [...192.168.1.34][50135] -> [...76.167.161.6][20274] not-detected: [...232] [ip4][..tcp] [...192.168.1.34][50109] -> [.91.190.216.125][12350] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...232] [ip4][..tcp] [...192.168.1.34][50109] -> [.91.190.216.125][12350] not-detected: [...233] [ip4][..tcp] [...192.168.1.34][50110] -> [.91.190.216.125][12350] [Unknown][Unknown][Unrated] end: [...233] [ip4][..tcp] [...192.168.1.34][50110] -> [.91.190.216.125][12350] @@ -1647,8 +1673,10 @@ idle: [...273] [ip4][..udp] [...192.168.1.34][13021] -> [106.188.249.186][15120] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic not-detected: [...256] [ip4][..tcp] [...192.168.1.34][50125] -> [.91.190.218.125][12350] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...256] [ip4][..tcp] [...192.168.1.34][50125] -> [.91.190.218.125][12350] not-detected: [...257] [ip4][..tcp] [...192.168.1.34][50126] -> [..91.190.216.23][12350] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...257] [ip4][..tcp] [...192.168.1.34][50126] -> [..91.190.216.23][12350] not-detected: [...261] [ip4][..tcp] [...192.168.1.34][50129] -> [.91.190.218.125][12350] [Unknown][Unknown][Unrated] end: [...261] [ip4][..tcp] [...192.168.1.34][50129] -> [.91.190.218.125][12350] @@ -1674,31 +1702,39 @@ idle: [...293] [ip4][..udp] [...192.168.1.34][55893] -> [....192.168.1.1][...53] idle: [.....7] [ip4][..udp] [...192.168.1.34][64085] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] not-detected: [...244] [ip4][..tcp] [...192.168.1.34][50113] -> [...71.238.7.203][18767] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...244] [ip4][..tcp] [...192.168.1.34][50113] -> [...71.238.7.203][18767] idle: [...265] [ip4][..udp] [...192.168.1.34][51802] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [...253] [ip4][..tcp] [...192.168.1.34][50123] -> [...80.14.46.121][.4415] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...253] [ip4][..tcp] [...192.168.1.34][50123] -> [...80.14.46.121][.4415] not-detected: [...248] [ip4][..tcp] [...192.168.1.34][50117] -> [...71.238.7.203][18767] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...248] [ip4][..tcp] [...192.168.1.34][50117] -> [...71.238.7.203][18767] not-detected: [...258] [ip4][..tcp] [...192.168.1.34][50127] -> [...80.14.46.121][.4415] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...258] [ip4][..tcp] [...192.168.1.34][50127] -> [...80.14.46.121][.4415] idle: [....22] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [...109] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic not-detected: [...286] [ip4][..tcp] [...192.168.1.34][50141] -> [...80.14.46.121][.4415] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...286] [ip4][..tcp] [...192.168.1.34][50141] -> [...80.14.46.121][.4415] idle: [...128] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.141][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [....54] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.150][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic not-detected: [...287] [ip4][..tcp] [...192.168.1.34][50142] -> [...80.14.46.121][.4415] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...287] [ip4][..tcp] [...192.168.1.34][50142] -> [...80.14.46.121][.4415] not-detected: [...281] [ip4][..tcp] [...192.168.1.34][50136] -> [...71.238.7.203][18767] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...281] [ip4][..tcp] [...192.168.1.34][50136] -> [...71.238.7.203][18767] idle: [...115] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic not-detected: [...283] [ip4][..tcp] [...192.168.1.34][50138] -> [...71.238.7.203][18767] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...283] [ip4][..tcp] [...192.168.1.34][50138] -> [...71.238.7.203][18767] idle: [....73] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.159][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic @@ -1739,12 +1775,16 @@ idle: [....16] [ip4][..udp] [...192.168.1.34][49903] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [...247] [ip4][..tcp] [...192.168.1.34][50116] -> [...81.83.77.141][17639] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...247] [ip4][..tcp] [...192.168.1.34][50116] -> [...81.83.77.141][17639] not-detected: [...246] [ip4][..tcp] [...192.168.1.34][50115] -> [....86.31.35.30][59621] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...246] [ip4][..tcp] [...192.168.1.34][50115] -> [....86.31.35.30][59621] not-detected: [...251] [ip4][..tcp] [...192.168.1.34][50121] -> [...81.83.77.141][17639] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...251] [ip4][..tcp] [...192.168.1.34][50121] -> [...81.83.77.141][17639] not-detected: [...250] [ip4][..tcp] [...192.168.1.34][50119] -> [....86.31.35.30][59621] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...250] [ip4][..tcp] [...192.168.1.34][50119] -> [....86.31.35.30][59621] end: [....12] [ip4][..tcp] [...192.168.1.34][50027] -> [...23.223.73.34][..443] idle: [...240] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.145][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] @@ -1752,8 +1792,10 @@ idle: [....13] [ip4][..udp] [...192.168.1.34][49990] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [...222] [ip4][..tcp] [...192.168.1.34][50099] -> [....64.4.23.166][40022] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...222] [ip4][..tcp] [...192.168.1.34][50099] -> [....64.4.23.166][40022] not-detected: [...213] [ip4][..tcp] [...192.168.1.34][50088] -> [.157.55.235.146][33033] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...213] [ip4][..tcp] [...192.168.1.34][50088] -> [.157.55.235.146][33033] idle: [....20] [ip4][..udp] [...192.168.1.34][60288] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -1818,6 +1860,7 @@ idle: [....27] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic not-detected: [...277] [ip4][..tcp] [...192.168.1.34][50134] -> [...157.56.53.47][12350] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...277] [ip4][..tcp] [...192.168.1.34][50134] -> [...157.56.53.47][12350] idle: [....77] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.151][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic @@ -1857,6 +1900,7 @@ guessed: [...142] [ip4][..tcp] [...192.168.1.34][50057] -> [.157.55.130.153][..443] [TLS][Unknown][Web][Safe] end: [...142] [ip4][..tcp] [...192.168.1.34][50057] -> [.157.55.130.153][..443] not-detected: [...245] [ip4][..tcp] [...192.168.1.34][50114] -> [..5.248.186.221][31010] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...245] [ip4][..tcp] [...192.168.1.34][50114] -> [..5.248.186.221][31010] not-detected: [...249] [ip4][..tcp] [...192.168.1.34][50118] -> [..5.248.186.221][31010] [Unknown][Unknown][Unrated] end: [...249] [ip4][..tcp] [...192.168.1.34][50118] -> [..5.248.186.221][31010] @@ -1872,10 +1916,12 @@ guessed: [...209] [ip4][..tcp] [...192.168.1.34][50081] -> [.157.55.130.176][..443] [TLS][Unknown][Web][Safe] end: [...209] [ip4][..tcp] [...192.168.1.34][50081] -> [.157.55.130.176][..443] not-detected: [...282] [ip4][..tcp] [...192.168.1.34][50137] -> [..5.248.186.221][31010] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...282] [ip4][..tcp] [...192.168.1.34][50137] -> [..5.248.186.221][31010] idle: [...176] [ip4][..udp] [...192.168.1.34][58368] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [...284] [ip4][..tcp] [...192.168.1.34][50139] -> [..5.248.186.221][31010] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...284] [ip4][..tcp] [...192.168.1.34][50139] -> [..5.248.186.221][31010] guessed: [...216] [ip4][..tcp] [...192.168.1.34][50091] -> [.157.55.235.146][..443] [TLS][Unknown][Web][Safe] end: [...216] [ip4][..tcp] [...192.168.1.34][50091] -> [.157.55.235.146][..443] @@ -1892,19 +1938,24 @@ idle: [...175] [ip4][..udp] [...192.168.1.34][54343] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [...144] [ip4][..tcp] [...192.168.1.34][50059] -> [..111.221.74.38][40015] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...144] [ip4][..tcp] [...192.168.1.34][50059] -> [..111.221.74.38][40015] not-detected: [...135] [ip4][..tcp] [...192.168.1.34][50055] -> [..111.221.74.47][40030] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...135] [ip4][..tcp] [...192.168.1.34][50055] -> [..111.221.74.47][40030] idle: [...157] [ip4][..udp] [...192.168.1.34][58458] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [...211] [ip4][..tcp] [...192.168.1.34][50086] -> [.111.221.77.142][40023] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...211] [ip4][..tcp] [...192.168.1.34][50086] -> [.111.221.77.142][40023] not-detected: [...219] [ip4][..tcp] [...192.168.1.34][50096] -> [..111.221.74.46][40027] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...219] [ip4][..tcp] [...192.168.1.34][50096] -> [..111.221.74.46][40027] idle: [.....5] [ip4][..udp] [...192.168.1.34][54396] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [...274] [ip4][..udp] [...192.168.1.34][56886] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] not-detected: [...270] [ip4][..tcp] [...192.168.1.34][50132] -> [...149.13.32.15][13392] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...270] [ip4][..tcp] [...192.168.1.34][50132] -> [...149.13.32.15][13392] end: [...271] [ip4][..tcp] [...192.168.1.34][50133] -> [...149.13.32.15][13392] end: [....15] [ip4][..tcp] [...192.168.1.34][50028] -> [.157.56.126.211][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] @@ -1948,8 +1999,10 @@ idle: [....95] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.20][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic not-detected: [...252] [ip4][..tcp] [...192.168.1.34][50122] -> [..81.133.19.185][44431] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...252] [ip4][..tcp] [...192.168.1.34][50122] -> [..81.133.19.185][44431] not-detected: [...254] [ip4][..tcp] [...192.168.1.34][50124] -> [..81.133.19.185][44431] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...254] [ip4][..tcp] [...192.168.1.34][50124] -> [..81.133.19.185][44431] idle: [...234] [ip4][..udp] [...192.168.1.34][13021] -> [..176.26.55.167][63773] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic diff --git a/test/results/flow-info/default/skype_no_unknown.pcap.out b/test/results/flow-info/default/skype_no_unknown.pcap.out index 0e33e3ed4..4fb3f6ca9 100644 --- a/test/results/flow-info/default/skype_no_unknown.pcap.out +++ b/test/results/flow-info/default/skype_no_unknown.pcap.out @@ -937,9 +937,11 @@ idle: [....12] [ip4][..udp] [...192.168.1.34][59113] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [...235] [ip4][..tcp] [...192.168.1.34][51289] -> [...71.238.7.203][18767] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...235] [ip4][..tcp] [...192.168.1.34][51289] -> [...71.238.7.203][18767] end: [....18] [ip4][..tcp] [...192.168.1.34][51231] -> [..23.206.33.166][..443] not-detected: [...240] [ip4][..tcp] [...192.168.1.34][51292] -> [...71.238.7.203][18767] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow idle: [...240] [ip4][..tcp] [...192.168.1.34][51292] -> [...71.238.7.203][18767] idle: [.....2] [ip4][..udp] [...192.168.1.34][55028] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -952,26 +954,34 @@ idle: [...155] [ip4][..udp] [...192.168.1.34][63342] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [...258] [ip4][..tcp] [...192.168.1.34][51311] -> [..93.79.224.176][14506] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...258] [ip4][..tcp] [...192.168.1.34][51311] -> [..93.79.224.176][14506] not-detected: [...261] [ip4][..tcp] [...192.168.1.34][51314] -> [..93.79.224.176][14506] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow idle: [...261] [ip4][..tcp] [...192.168.1.34][51314] -> [..93.79.224.176][14506] guessed: [...251] [ip4][..tcp] [...192.168.1.34][51302] -> [.91.190.216.125][..443] [TLS][Unknown][Web][Safe] end: [...251] [ip4][..tcp] [...192.168.1.34][51302] -> [.91.190.216.125][..443] not-detected: [...239] [ip4][..tcp] [...192.168.1.34][51291] -> [...81.83.77.141][17639] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...239] [ip4][..tcp] [...192.168.1.34][51291] -> [...81.83.77.141][17639] not-detected: [...242] [ip4][..tcp] [...192.168.1.34][51294] -> [...81.83.77.141][17639] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow idle: [...242] [ip4][..tcp] [...192.168.1.34][51294] -> [...81.83.77.141][17639] not-detected: [...247] [ip4][..tcp] [...192.168.1.34][51298] -> [.82.224.110.241][38895] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...247] [ip4][..tcp] [...192.168.1.34][51298] -> [.82.224.110.241][38895] not-detected: [...250] [ip4][..tcp] [...192.168.1.34][51301] -> [.82.224.110.241][38895] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow idle: [...250] [ip4][..tcp] [...192.168.1.34][51301] -> [.82.224.110.241][38895] idle: [...226] [ip4][.icmp] [....192.168.1.1] -> [...192.168.1.34] [ICMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [....57] [ip4][..udp] [...192.168.1.92][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....55] [ip4][..udp] [...192.168.1.34][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] not-detected: [...121] [ip4][..tcp] [...192.168.1.34][51251] -> [....64.4.23.166][40029] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...121] [ip4][..tcp] [...192.168.1.34][51251] -> [....64.4.23.166][40029] not-detected: [...209] [ip4][..tcp] [...192.168.1.34][51278] -> [....64.4.23.159][40009] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...209] [ip4][..tcp] [...192.168.1.34][51278] -> [....64.4.23.159][40009] idle: [...139] [ip4][....2] [..192.168.0.254] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] idle: [...140] [ip4][....2] [..192.168.1.229] -> [....224.0.0.251] [IGMP][Unknown][Network][Acceptable] @@ -989,12 +999,14 @@ guessed: [....73] [ip4][..tcp] [...192.168.1.34][51238] -> [.157.55.235.147][..443] [TLS][Unknown][Web][Safe] end: [....73] [ip4][..tcp] [...192.168.1.34][51238] -> [.157.55.235.147][..443] not-detected: [...236] [ip4][..tcp] [...192.168.1.34][51290] -> [..5.248.186.221][31010] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...236] [ip4][..tcp] [...192.168.1.34][51290] -> [..5.248.186.221][31010] guessed: [....81] [ip4][..tcp] [...192.168.1.34][51241] -> [.157.55.130.176][..443] [TLS][Unknown][Web][Safe] end: [....81] [ip4][..tcp] [...192.168.1.34][51241] -> [.157.55.130.176][..443] idle: [....58] [ip4][..udp] [...192.168.1.92][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....56] [ip4][..udp] [...192.168.1.34][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] not-detected: [...241] [ip4][..tcp] [...192.168.1.34][51293] -> [..5.248.186.221][31010] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow idle: [...241] [ip4][..tcp] [...192.168.1.34][51293] -> [..5.248.186.221][31010] guessed: [...158] [ip4][..tcp] [...192.168.1.34][51260] -> [.157.55.130.142][..443] [TLS][Unknown][Web][Safe] end: [...158] [ip4][..tcp] [...192.168.1.34][51260] -> [.157.55.130.142][..443] @@ -1014,6 +1026,7 @@ guessed: [...185] [ip4][..tcp] [...192.168.1.34][51271] -> [213.199.179.175][..443] [TLS][Unknown][Web][Safe] end: [...185] [ip4][..tcp] [...192.168.1.34][51271] -> [213.199.179.175][..443] not-detected: [....61] [ip4][..tcp] [...192.168.1.34][51236] -> [..111.221.74.45][40008] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [....61] [ip4][..tcp] [...192.168.1.34][51236] -> [..111.221.74.45][40008] idle: [....28] [ip4][..udp] [...192.168.1.92][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] idle: [....25] [ip4][..udp] [....192.168.1.1][..137] -> [...192.168.1.34][..137] [NetBIOS][Unknown][System][Acceptable] @@ -1030,28 +1043,35 @@ idle: [...232] [ip4][..udp] [...192.168.1.34][13021] -> [.189.138.161.88][19521] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic not-detected: [...147] [ip4][..tcp] [...192.168.1.34][51256] -> [.111.221.77.142][40013] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...147] [ip4][..tcp] [...192.168.1.34][51256] -> [.111.221.77.142][40013] idle: [....14] [ip4][..udp] [...192.168.1.34][57592] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [...109] [ip4][..tcp] [...192.168.1.34][51248] -> [.111.221.77.175][40030] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...109] [ip4][..tcp] [...192.168.1.34][51248] -> [.111.221.77.175][40030] not-detected: [...210] [ip4][..tcp] [...192.168.1.34][51279] -> [..111.221.74.48][40008] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow idle: [...210] [ip4][..tcp] [...192.168.1.34][51279] -> [..111.221.74.48][40008] not-detected: [...170] [ip4][..tcp] [...192.168.1.34][51267] -> [..111.221.74.18][40025] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...170] [ip4][..tcp] [...192.168.1.34][51267] -> [..111.221.74.18][40025] idle: [...237] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.14][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [...224] [ip4][..udp] [...192.168.1.34][58061] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [...127] [ip4][..tcp] [108.160.163.108][..443] -> [...192.168.1.34][51222] not-detected: [...253] [ip4][..tcp] [...192.168.1.34][51305] -> [...149.13.32.15][13392] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...253] [ip4][..tcp] [...192.168.1.34][51305] -> [...149.13.32.15][13392] end: [...255] [ip4][..tcp] [...192.168.1.34][51307] -> [...149.13.32.15][13392] [TLS][Unknown][Web][Safe] RISK: Known Proto on Non Std Port not-detected: [...257] [ip4][..tcp] [...192.168.1.34][51309] -> [...149.13.32.15][13392] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...257] [ip4][..tcp] [...192.168.1.34][51309] -> [...149.13.32.15][13392] end: [...259] [ip4][..tcp] [...192.168.1.34][51312] -> [...149.13.32.15][13392] [TLS][Unknown][Web][Safe] RISK: Known Proto on Non Std Port not-detected: [...263] [ip4][..tcp] [...192.168.1.34][51316] -> [...149.13.32.15][13392] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...263] [ip4][..tcp] [...192.168.1.34][51316] -> [...149.13.32.15][13392] end: [...264] [ip4][..tcp] [...192.168.1.34][51317] -> [...149.13.32.15][13392] idle: [.....9] [ip4][..udp] [...192.168.1.34][57694] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -1111,6 +1131,7 @@ RISK: Unidirectional Traffic idle: [....30] [ip4][..udp] [...192.168.1.92][53826] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] not-detected: [....60] [ip4][..tcp] [...192.168.1.34][51235] -> [...65.55.223.45][40009] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [....60] [ip4][..tcp] [...192.168.1.34][51235] -> [...65.55.223.45][40009] idle: [....76] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic @@ -1119,29 +1140,38 @@ idle: [.....6] [ip4][..udp] [...192.168.1.34][64240] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [....59] [ip4][..tcp] [...192.168.1.34][51234] -> [.157.55.235.147][40001] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [....59] [ip4][..tcp] [...192.168.1.34][51234] -> [.157.55.235.147][40001] idle: [...156] [ip4][..udp] [...192.168.1.34][64258] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [....67] [ip4][..tcp] [...192.168.1.34][51237] -> [.157.55.130.176][40022] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [....67] [ip4][..tcp] [...192.168.1.34][51237] -> [.157.55.130.176][40022] not-detected: [...146] [ip4][..tcp] [...192.168.1.34][51255] -> [.157.55.130.142][40005] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...146] [ip4][..tcp] [...192.168.1.34][51255] -> [.157.55.130.142][40005] not-detected: [...148] [ip4][..tcp] [...192.168.1.34][51257] -> [.157.55.235.170][40032] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...148] [ip4][..tcp] [...192.168.1.34][51257] -> [.157.55.235.170][40032] not-detected: [...207] [ip4][..tcp] [...192.168.1.34][51276] -> [.157.55.235.146][40021] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...207] [ip4][..tcp] [...192.168.1.34][51276] -> [.157.55.235.146][40021] idle: [...238] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.141][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic not-detected: [...186] [ip4][..tcp] [...192.168.1.34][51272] -> [.157.55.235.152][40029] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...186] [ip4][..tcp] [...192.168.1.34][51272] -> [.157.55.235.152][40029] not-detected: [...208] [ip4][..tcp] [...192.168.1.34][51277] -> [.157.55.235.156][40026] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...208] [ip4][..tcp] [...192.168.1.34][51277] -> [.157.55.235.156][40026] idle: [...225] [ip4][..udp] [...192.168.1.34][59052] -> [....192.168.1.1][.5351] not-detected: [...149] [ip4][..tcp] [...192.168.1.34][51258] -> [213.199.179.176][40021] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...149] [ip4][..tcp] [...192.168.1.34][51258] -> [213.199.179.176][40021] idle: [...199] [ip4][..udp] [...192.168.1.34][64364] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [...178] [ip4][..tcp] [...192.168.1.34][51269] -> [213.199.179.175][40029] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...178] [ip4][..tcp] [...192.168.1.34][51269] -> [213.199.179.175][40029] idle: [....20] [ip4][..udp] [...192.168.1.34][50055] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -1202,8 +1232,10 @@ idle: [...198] [ip4][..udp] [...192.168.1.34][60413] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [....10] [ip4][..tcp] [...192.168.1.34][51229] -> [...157.56.52.28][40009] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [....10] [ip4][..tcp] [...192.168.1.34][51229] -> [...157.56.52.28][40009] not-detected: [....97] [ip4][..tcp] [...192.168.1.34][51246] -> [...157.56.52.44][40020] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [....97] [ip4][..tcp] [...192.168.1.34][51246] -> [...157.56.52.44][40020] not-detected: [...252] [ip4][..tcp] [...192.168.1.34][51303] -> [...80.121.84.93][62381] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic @@ -1251,9 +1283,11 @@ idle: [...197] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.16][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic not-detected: [...260] [ip4][..tcp] [...192.168.1.34][51313] -> [...212.161.8.36][13392] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...260] [ip4][..tcp] [...192.168.1.34][51313] -> [...212.161.8.36][13392] end: [...262] [ip4][..tcp] [...192.168.1.34][51315] -> [...212.161.8.36][13392] not-detected: [...265] [ip4][..tcp] [...192.168.1.34][51318] -> [...212.161.8.36][13392] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow idle: [...265] [ip4][..tcp] [...192.168.1.34][51318] -> [...212.161.8.36][13392] not-detected: [...267] [ip4][..tcp] [...192.168.1.34][51319] -> [...212.161.8.36][13392] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic @@ -1302,6 +1336,7 @@ idle: [...122] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.144][40016] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic not-detected: [...234] [ip4][..tcp] [...192.168.1.34][51288] -> [...76.167.161.6][20274] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...234] [ip4][..tcp] [...192.168.1.34][51288] -> [...76.167.161.6][20274] idle: [...192] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.170][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic @@ -1355,12 +1390,15 @@ idle: [....89] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.162][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic not-detected: [...227] [ip4][..tcp] [...192.168.1.34][51284] -> [.91.190.218.125][12350] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...227] [ip4][..tcp] [...192.168.1.34][51284] -> [.91.190.218.125][12350] not-detected: [...228] [ip4][..tcp] [...192.168.1.34][51285] -> [.91.190.218.125][12350] [Unknown][Unknown][Unrated] end: [...228] [ip4][..tcp] [...192.168.1.34][51285] -> [.91.190.218.125][12350] not-detected: [...245] [ip4][..tcp] [...192.168.1.34][51296] -> [.91.190.216.125][12350] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow end: [...245] [ip4][..tcp] [...192.168.1.34][51296] -> [.91.190.216.125][12350] not-detected: [...246] [ip4][..tcp] [...192.168.1.34][51297] -> [..91.190.216.24][12350] [Unknown][Unknown][Unrated] + RISK: Fully encrypted flow idle: [...246] [ip4][..tcp] [...192.168.1.34][51297] -> [..91.190.216.24][12350] not-detected: [...248] [ip4][..tcp] [...192.168.1.34][51299] -> [.91.190.216.125][12350] [Unknown][Unknown][Unrated] end: [...248] [ip4][..tcp] [...192.168.1.34][51299] -> [.91.190.216.125][12350] diff --git a/test/results/flow-info/default/srvloc-v1.pcapng.out b/test/results/flow-info/default/srvloc-v1.pcapng.out new file mode 100644 index 000000000..7778e19ba --- /dev/null +++ b/test/results/flow-info/default/srvloc-v1.pcapng.out @@ -0,0 +1,14 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [.23.220.116.175][..427] -> [.192.168.199.71][57782] + detected: [.....1] [ip4][..udp] [.23.220.116.175][..427] -> [.192.168.199.71][57782] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [.....2] [ip4][..udp] [..250.83.105.78][51708] -> [.172.30.246.115][..427] + detected: [.....2] [ip4][..udp] [..250.83.105.78][51708] -> [.172.30.246.115][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [.....1] [ip4][..udp] [.23.220.116.175][..427] -> [.192.168.199.71][57782] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [.....2] [ip4][..udp] [..250.83.105.78][51708] -> [.172.30.246.115][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/srvloc.pcap.out b/test/results/flow-info/default/srvloc.pcap.out new file mode 100644 index 000000000..6874d7152 --- /dev/null +++ b/test/results/flow-info/default/srvloc.pcap.out @@ -0,0 +1,4121 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [..37.40.101.196][53106] -> [...85.111.52.57][..427] + detected: [.....1] [ip4][..udp] [..37.40.101.196][53106] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 1 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....2] [ip4][..udp] [.27.134.169.220][45163] -> [...90.141.37.56][..427] + detected: [.....2] [ip4][..udp] [.27.134.169.220][45163] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [.....1] [ip4][..udp] [..37.40.101.196][53106] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [.....3] [ip4][..udp] [..44.99.113.150][40623] -> [.186.112.202.53][..427] + detected: [.....3] [ip4][..udp] [..44.99.113.150][40623] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [.....2] [ip4][..udp] [.27.134.169.220][45163] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 3 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] + new: [.....4] [ip4][..udp] [..44.99.113.150][34697] -> [..90.145.180.58][..427] + detected: [.....4] [ip4][..udp] [..44.99.113.150][34697] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [.....3] [ip4][..udp] [..44.99.113.150][40623] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [.....2] [ip4][..udp] [.27.134.169.220][45163] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [.....5] [ip4][..udp] [208.100.177.136][33246] -> [...90.141.37.56][..427] + detected: [.....5] [ip4][..udp] [208.100.177.136][33246] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [.....4] [ip4][..udp] [..44.99.113.150][34697] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 5 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] + new: [.....6] [ip4][..udp] [.45.124.147.156][33510] -> [...85.111.52.57][..427] + detected: [.....6] [ip4][..udp] [.45.124.147.156][33510] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [.....5] [ip4][..udp] [208.100.177.136][33246] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [.....4] [ip4][..udp] [..44.99.113.150][34697] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 6 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] + new: [.....7] [ip4][..udp] [.45.124.147.156][50663] -> [.165.114.202.61][..427] + detected: [.....7] [ip4][..udp] [.45.124.147.156][50663] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [.....8] [ip4][..udp] [.45.124.147.156][41268] -> [.165.114.202.61][..427] + detected: [.....8] [ip4][..udp] [.45.124.147.156][41268] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [.....6] [ip4][..udp] [.45.124.147.156][33510] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [.....9] [ip4][..udp] [.236.155.96.147][43154] -> [..90.147.171.51][..427] + detected: [.....9] [ip4][..udp] [.236.155.96.147][43154] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [.....8] [ip4][..udp] [.45.124.147.156][41268] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [.....7] [ip4][..udp] [.45.124.147.156][50663] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 10 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 9|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] + new: [....10] [ip4][..udp] [.45.124.147.156][57141] -> [..74.111.203.55][..427] + detected: [....10] [ip4][..udp] [.45.124.147.156][57141] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [.....9] [ip4][..udp] [.236.155.96.147][43154] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 11 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 10|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] + new: [....11] [ip4][..udp] [184.180.168.240][38061] -> [..165.144.84.62][..427] + detected: [....11] [ip4][..udp] [184.180.168.240][38061] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....10] [ip4][..udp] [.45.124.147.156][57141] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 12 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 11|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] + new: [....12] [ip4][..udp] [236.131.162.157][38756] -> [..69.109.187.54][..427] + detected: [....12] [ip4][..udp] [236.131.162.157][38756] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....11] [ip4][..udp] [184.180.168.240][38061] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 13 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 12|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] + new: [....13] [ip4][..udp] [.200.31.144.158][39908] -> [...85.111.52.57][..427] + detected: [....13] [ip4][..udp] [.200.31.144.158][39908] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....12] [ip4][..udp] [236.131.162.157][38756] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....14] [ip4][..udp] [.200.31.144.158][40656] -> [..69.109.187.54][..427] + detected: [....14] [ip4][..udp] [.200.31.144.158][40656] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....13] [ip4][..udp] [.200.31.144.158][39908] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....15] [ip4][..udp] [.200.31.144.158][37600] -> [.186.112.202.53][..427] + detected: [....15] [ip4][..udp] [.200.31.144.158][37600] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....14] [ip4][..udp] [.200.31.144.158][40656] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 16 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 15|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3] + new: [....16] [ip4][..udp] [..70.28.101.252][53651] -> [..90.147.171.51][..427] + detected: [....16] [ip4][..udp] [..70.28.101.252][53651] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....15] [ip4][..udp] [.200.31.144.158][37600] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....14] [ip4][..udp] [.200.31.144.158][40656] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 17 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 16|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3] + new: [....17] [ip4][..udp] [.200.31.144.158][38913] -> [..74.111.203.55][..427] + detected: [....17] [ip4][..udp] [.200.31.144.158][38913] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....16] [ip4][..udp] [..70.28.101.252][53651] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....18] [ip4][..udp] [.200.31.144.158][33453] -> [..90.111.212.50][..427] + detected: [....18] [ip4][..udp] [.200.31.144.158][33453] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....17] [ip4][..udp] [.200.31.144.158][38913] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 19 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 18|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 4] + new: [....19] [ip4][..udp] [.200.31.144.158][60963] -> [...90.141.37.56][..427] + detected: [....19] [ip4][..udp] [.200.31.144.158][60963] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....17] [ip4][..udp] [.200.31.144.158][38913] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....18] [ip4][..udp] [.200.31.144.158][33453] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....20] [ip4][..udp] [.200.31.144.158][41259] -> [..90.147.171.51][..427] + detected: [....20] [ip4][..udp] [.200.31.144.158][41259] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....19] [ip4][..udp] [.200.31.144.158][60963] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 21 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 20|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 5] + new: [....21] [ip4][..udp] [...62.230.4.248][56007] -> [..165.144.84.62][..427] + detected: [....21] [ip4][..udp] [...62.230.4.248][56007] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....19] [ip4][..udp] [.200.31.144.158][60963] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....20] [ip4][..udp] [.200.31.144.158][41259] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 22 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 21|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 5] + new: [....22] [ip4][..udp] [.200.31.144.158][52741] -> [.165.114.202.61][..427] + detected: [....22] [ip4][..udp] [.200.31.144.158][52741] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....21] [ip4][..udp] [...62.230.4.248][56007] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....23] [ip4][..udp] [.200.31.144.158][39516] -> [..90.145.180.58][..427] + detected: [....23] [ip4][..udp] [.200.31.144.158][39516] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....22] [ip4][..udp] [.200.31.144.158][52741] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....24] [ip4][..udp] [.200.31.144.158][43074] -> [..165.144.84.62][..427] + detected: [....24] [ip4][..udp] [.200.31.144.158][43074] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....23] [ip4][..udp] [.200.31.144.158][39516] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 25 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 24|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 6] + new: [....25] [ip4][..udp] [198.229.224.110][56395] -> [..90.145.180.58][..427] + detected: [....25] [ip4][..udp] [198.229.224.110][56395] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....24] [ip4][..udp] [.200.31.144.158][43074] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....23] [ip4][..udp] [.200.31.144.158][39516] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 26 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 25|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 6] + new: [....26] [ip4][..udp] [..67.159.16.150][27095] -> [..165.144.84.62][..427] + detected: [....26] [ip4][..udp] [..67.159.16.150][27095] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....25] [ip4][..udp] [198.229.224.110][56395] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 27 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 26|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 6] + new: [....27] [ip4][..udp] [.217.217.186.39][52663] -> [.186.112.202.53][..427] + detected: [....27] [ip4][..udp] [.217.217.186.39][52663] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....26] [ip4][..udp] [..67.159.16.150][27095] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....28] [ip4][..udp] [..35.252.69.113][26160] -> [..69.109.187.54][..427] + detected: [....28] [ip4][..udp] [..35.252.69.113][26160] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....27] [ip4][..udp] [.217.217.186.39][52663] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 29 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 28|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 6] + new: [....29] [ip4][..udp] [.34.102.125.120][45441] -> [...90.141.37.56][..427] + detected: [....29] [ip4][..udp] [.34.102.125.120][45441] -> [...90.141.37.56][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....28] [ip4][..udp] [..35.252.69.113][26160] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....30] [ip4][..udp] [.27.134.169.220][58691] -> [..90.147.171.51][..427] + detected: [....30] [ip4][..udp] [.27.134.169.220][58691] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....29] [ip4][..udp] [.34.102.125.120][45441] -> [...90.141.37.56][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 31 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 30|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 6] + new: [....31] [ip4][..udp] [134.180.144.149][33386] -> [.186.112.202.53][..427] + detected: [....31] [ip4][..udp] [134.180.144.149][33386] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....30] [ip4][..udp] [.27.134.169.220][58691] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 32 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 31|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 6] + new: [....32] [ip4][..udp] [.36.231.109.217][50939] -> [..90.145.180.58][..427] + detected: [....32] [ip4][..udp] [.36.231.109.217][50939] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....31] [ip4][..udp] [134.180.144.149][33386] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....33] [ip4][..udp] [.227.199.90.122][41334] -> [..90.111.212.50][..427] + detected: [....33] [ip4][..udp] [.227.199.90.122][41334] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....32] [ip4][..udp] [.36.231.109.217][50939] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....34] [ip4][..udp] [182.180.120.139][58970] -> [...85.111.52.57][..427] + detected: [....34] [ip4][..udp] [182.180.120.139][58970] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....33] [ip4][..udp] [.227.199.90.122][41334] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 35 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 34|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 7] + new: [....35] [ip4][..udp] [200.180.144.114][55489] -> [..90.111.212.50][..427] + detected: [....35] [ip4][..udp] [200.180.144.114][55489] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....33] [ip4][..udp] [.227.199.90.122][41334] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....34] [ip4][..udp] [182.180.120.139][58970] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....36] [ip4][..udp] [.70.180.111.241][60983] -> [.165.114.202.61][..427] + detected: [....36] [ip4][..udp] [.70.180.111.241][60983] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....35] [ip4][..udp] [200.180.144.114][55489] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....37] [ip4][..udp] [236.131.162.157][38679] -> [...90.141.37.56][..427] + detected: [....37] [ip4][..udp] [236.131.162.157][38679] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....36] [ip4][..udp] [.70.180.111.241][60983] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....38] [ip4][..udp] [.47.123.189.155][56038] -> [..90.147.171.51][..427] + detected: [....38] [ip4][..udp] [.47.123.189.155][56038] -> [..90.147.171.51][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....36] [ip4][..udp] [.70.180.111.241][60983] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....37] [ip4][..udp] [236.131.162.157][38679] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 39 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 38|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] + new: [....39] [ip4][..udp] [.70.180.111.241][48096] -> [..74.111.203.55][..427] + detected: [....39] [ip4][..udp] [.70.180.111.241][48096] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....37] [ip4][..udp] [236.131.162.157][38679] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....38] [ip4][..udp] [.47.123.189.155][56038] -> [..90.147.171.51][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....40] [ip4][..udp] [182.180.120.139][46563] -> [..90.145.180.58][..427] + detected: [....40] [ip4][..udp] [182.180.120.139][46563] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....39] [ip4][..udp] [.70.180.111.241][48096] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 41 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 40|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] + new: [....41] [ip4][..udp] [..218.19.29.186][56315] -> [..90.111.212.50][..427] + detected: [....41] [ip4][..udp] [..218.19.29.186][56315] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....40] [ip4][..udp] [182.180.120.139][46563] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 42 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 41|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] + new: [....42] [ip4][..udp] [186.213.158.225][51349] -> [..69.109.187.54][..427] + detected: [....42] [ip4][..udp] [186.213.158.225][51349] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....41] [ip4][..udp] [..218.19.29.186][56315] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 43 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 42|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] + new: [....43] [ip4][..udp] [231.223.121.213][.7086] -> [...90.141.37.56][..427] + detected: [....43] [ip4][..udp] [231.223.121.213][.7086] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....42] [ip4][..udp] [186.213.158.225][51349] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 44 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 43|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] + new: [....44] [ip4][..udp] [..20.133.112.32][11510] -> [.165.114.202.61][..427] + detected: [....44] [ip4][..udp] [..20.133.112.32][11510] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....43] [ip4][..udp] [231.223.121.213][.7086] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 46 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 44|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] + new: [....45] [ip4][..udp] [..83.48.216.235][51745] -> [.186.112.202.53][..427] + detected: [....45] [ip4][..udp] [..83.48.216.235][51745] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....44] [ip4][..udp] [..20.133.112.32][11510] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 47 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 45|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] + new: [....46] [ip4][..udp] [.154.97.132.119][64306] -> [..165.144.84.62][..427] + detected: [....46] [ip4][..udp] [.154.97.132.119][64306] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....45] [ip4][..udp] [..83.48.216.235][51745] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 48 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 46|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] + new: [....47] [ip4][..udp] [..83.48.216.235][56358] -> [..90.145.180.58][..427] + detected: [....47] [ip4][..udp] [..83.48.216.235][56358] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....46] [ip4][..udp] [.154.97.132.119][64306] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 49 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 47|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] + new: [....48] [ip4][..udp] [.....72.30.8.39][43690] -> [..90.111.212.50][..427] + detected: [....48] [ip4][..udp] [.....72.30.8.39][43690] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....47] [ip4][..udp] [..83.48.216.235][56358] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....49] [ip4][..udp] [.....71.38.8.47][42689] -> [...90.141.37.56][..427] + detected: [....49] [ip4][..udp] [.....71.38.8.47][42689] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....48] [ip4][..udp] [.....72.30.8.39][43690] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 51 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 49|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] + new: [....50] [ip4][..udp] [.121.106.247.20][12409] -> [..165.144.84.62][..427] + detected: [....50] [ip4][..udp] [.121.106.247.20][12409] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....49] [ip4][..udp] [.....71.38.8.47][42689] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....51] [ip4][..udp] [.....55.94.8.63][43995] -> [..90.145.180.58][..427] + detected: [....51] [ip4][..udp] [.....55.94.8.63][43995] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....50] [ip4][..udp] [.121.106.247.20][12409] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....52] [ip4][..udp] [..185.225.247.8][48375] -> [.165.114.202.61][..427] + detected: [....52] [ip4][..udp] [..185.225.247.8][48375] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....50] [ip4][..udp] [.121.106.247.20][12409] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....51] [ip4][..udp] [.....55.94.8.63][43995] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 54 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 52|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 11] + new: [....53] [ip4][..udp] [.....121.82.8.7][60170] -> [...85.111.52.57][..427] + detected: [....53] [ip4][..udp] [.....121.82.8.7][60170] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....52] [ip4][..udp] [..185.225.247.8][48375] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....51] [ip4][..udp] [.....55.94.8.63][43995] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....54] [ip4][..udp] [.121.106.247.20][55474] -> [.186.112.202.53][..427] + detected: [....54] [ip4][..udp] [.121.106.247.20][55474] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....53] [ip4][..udp] [.....121.82.8.7][60170] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 56 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 54|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 11] + new: [....55] [ip4][..udp] [.121.106.247.20][55474] -> [..90.147.171.51][..427] + detected: [....55] [ip4][..udp] [.121.106.247.20][55474] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....54] [ip4][..udp] [.121.106.247.20][55474] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....56] [ip4][..udp] [..200.97.247.24][22124] -> [..74.111.203.55][..427] + detected: [....56] [ip4][..udp] [..200.97.247.24][22124] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....55] [ip4][..udp] [.121.106.247.20][55474] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 58 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 56|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 12] + new: [....57] [ip4][..udp] [..121.35.244.56][30580] -> [..90.145.180.58][..427] + detected: [....57] [ip4][..udp] [..121.35.244.56][30580] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....55] [ip4][..udp] [.121.106.247.20][55474] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....56] [ip4][..udp] [..200.97.247.24][22124] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....58] [ip4][..udp] [...154.96.5.121][26060] -> [..69.109.187.54][..427] + detected: [....58] [ip4][..udp] [...154.96.5.121][26060] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....57] [ip4][..udp] [..121.35.244.56][30580] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....59] [ip4][..udp] [..38.236.38.224][52729] -> [.165.114.202.61][..427] + detected: [....59] [ip4][..udp] [..38.236.38.224][52729] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....57] [ip4][..udp] [..121.35.244.56][30580] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....58] [ip4][..udp] [...154.96.5.121][26060] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 61 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 59|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....60] [ip4][..udp] [..69.230.164.78][55275] -> [...90.141.37.56][..427] + detected: [....60] [ip4][..udp] [..69.230.164.78][55275] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....58] [ip4][..udp] [...154.96.5.121][26060] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....59] [ip4][..udp] [..38.236.38.224][52729] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 62 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 60|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....61] [ip4][..udp] [..235.98.65.133][31778] -> [..165.144.84.62][..427] + detected: [....61] [ip4][..udp] [..235.98.65.133][31778] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....60] [ip4][..udp] [..69.230.164.78][55275] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 64 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 61|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....62] [ip4][..udp] [..88.31.110.219][50660] -> [.186.112.202.53][..427] + detected: [....62] [ip4][..udp] [..88.31.110.219][50660] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....61] [ip4][..udp] [..235.98.65.133][31778] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 65 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 62|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....63] [ip4][..udp] [...35.0.100.115][62892] -> [.165.114.202.61][..427] + detected: [....63] [ip4][..udp] [...35.0.100.115][62892] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....62] [ip4][..udp] [..88.31.110.219][50660] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 66 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 63|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....64] [ip4][..udp] [.34.102.125.120][17423] -> [..165.144.84.62][..427] + detected: [....64] [ip4][..udp] [.34.102.125.120][17423] -> [..165.144.84.62][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....63] [ip4][..udp] [...35.0.100.115][62892] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 67 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 64|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....65] [ip4][..udp] [.70.232.230.229][51197] -> [...85.111.52.57][..427] + detected: [....65] [ip4][..udp] [.70.232.230.229][51197] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....64] [ip4][..udp] [.34.102.125.120][17423] -> [..165.144.84.62][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 68 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 65|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....66] [ip4][..udp] [172.237.152.209][51708] -> [..165.144.84.62][..427] + detected: [....66] [ip4][..udp] [172.237.152.209][51708] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....65] [ip4][..udp] [.70.232.230.229][51197] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 69 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 66|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....67] [ip4][..udp] [...58.36.157.61][53238] -> [..74.111.203.55][..427] + detected: [....67] [ip4][..udp] [...58.36.157.61][53238] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....66] [ip4][..udp] [172.237.152.209][51708] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 70 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 67|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....68] [ip4][..udp] [.227.134.81.212][37207] -> [...85.111.52.57][..427] + detected: [....68] [ip4][..udp] [.227.134.81.212][37207] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....67] [ip4][..udp] [...58.36.157.61][53238] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 71 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 68|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....69] [ip4][..udp] [..39.59.139.121][51157] -> [...85.111.52.57][..427] + detected: [....69] [ip4][..udp] [..39.59.139.121][51157] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....68] [ip4][..udp] [.227.134.81.212][37207] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 72 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 69|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....70] [ip4][..udp] [.227.134.81.212][45177] -> [..90.111.212.50][..427] + detected: [....70] [ip4][..udp] [.227.134.81.212][45177] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....69] [ip4][..udp] [..39.59.139.121][51157] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 73 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 70|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....71] [ip4][..udp] [.103.71.146.222][47772] -> [.165.114.202.61][..427] + detected: [....71] [ip4][..udp] [.103.71.146.222][47772] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....70] [ip4][..udp] [.227.134.81.212][45177] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 74 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 71|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....72] [ip4][..udp] [238.132.112.150][44248] -> [..90.147.171.51][..427] + detected: [....72] [ip4][..udp] [238.132.112.150][44248] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....71] [ip4][..udp] [.103.71.146.222][47772] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 75 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 72|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....73] [ip4][..udp] [134.180.144.149][47037] -> [..90.145.180.58][..427] + detected: [....73] [ip4][..udp] [134.180.144.149][47037] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....72] [ip4][..udp] [238.132.112.150][44248] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....74] [ip4][..udp] [.236.155.96.147][44475] -> [..90.111.212.50][..427] + detected: [....74] [ip4][..udp] [.236.155.96.147][44475] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....73] [ip4][..udp] [134.180.144.149][47037] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 77 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 74|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....75] [ip4][..udp] [182.180.120.139][33156] -> [..74.111.203.55][..427] + detected: [....75] [ip4][..udp] [182.180.120.139][33156] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....74] [ip4][..udp] [.236.155.96.147][44475] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....76] [ip4][..udp] [..19.99.147.148][49052] -> [...90.141.37.56][..427] + detected: [....76] [ip4][..udp] [..19.99.147.148][49052] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....75] [ip4][..udp] [182.180.120.139][33156] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 79 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 76|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....77] [ip4][..udp] [.47.123.177.154][44018] -> [.165.114.202.61][..427] + detected: [....77] [ip4][..udp] [.47.123.177.154][44018] -> [.165.114.202.61][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....78] [ip4][..udp] [..46.100.97.147][37387] -> [..165.144.84.62][..427] + detected: [....78] [ip4][..udp] [..46.100.97.147][37387] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....76] [ip4][..udp] [..19.99.147.148][49052] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 81 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 78|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] + new: [....79] [ip4][..udp] [134.180.144.149][48737] -> [.186.112.202.53][..427] + detected: [....79] [ip4][..udp] [134.180.144.149][48737] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....78] [ip4][..udp] [..46.100.97.147][37387] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....77] [ip4][..udp] [.47.123.177.154][44018] -> [.165.114.202.61][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....80] [ip4][..udp] [200.180.144.114][57533] -> [..69.109.187.54][..427] + detected: [....80] [ip4][..udp] [200.180.144.114][57533] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....79] [ip4][..udp] [134.180.144.149][48737] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....81] [ip4][..udp] [.47.123.177.154][35950] -> [...85.111.52.57][..427] + detected: [....81] [ip4][..udp] [.47.123.177.154][35950] -> [...85.111.52.57][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....80] [ip4][..udp] [200.180.144.114][57533] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....79] [ip4][..udp] [134.180.144.149][48737] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 84 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 81|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 15] + new: [....82] [ip4][..udp] [.....44.49.31.2][51197] -> [..90.147.171.51][..427] + detected: [....82] [ip4][..udp] [.....44.49.31.2][51197] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....81] [ip4][..udp] [.47.123.177.154][35950] -> [...85.111.52.57][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....83] [ip4][..udp] [..19.99.146.156][54379] -> [..90.145.180.58][..427] + detected: [....83] [ip4][..udp] [..19.99.146.156][54379] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....82] [ip4][..udp] [.....44.49.31.2][51197] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 86 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 83|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 15] + new: [....84] [ip4][..udp] [....174.50.7.11][55450] -> [..69.109.187.54][..427] + detected: [....84] [ip4][..udp] [....174.50.7.11][55450] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....83] [ip4][..udp] [..19.99.146.156][54379] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....85] [ip4][..udp] [.58.218.184.177][54059] -> [..90.111.212.50][..427] + detected: [....85] [ip4][..udp] [.58.218.184.177][54059] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....84] [ip4][..udp] [....174.50.7.11][55450] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 88 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 85|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 16] + new: [....86] [ip4][..udp] [...31.0.154.114][40383] -> [..90.145.180.58][..427] + detected: [....86] [ip4][..udp] [...31.0.154.114][40383] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....84] [ip4][..udp] [....174.50.7.11][55450] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....85] [ip4][..udp] [.58.218.184.177][54059] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 89 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 86|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 16] + new: [....87] [ip4][..udp] [.66.228.194.219][53105] -> [.186.112.202.53][..427] + detected: [....87] [ip4][..udp] [.66.228.194.219][53105] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....86] [ip4][..udp] [...31.0.154.114][40383] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 90 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 87|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 16] + new: [....88] [ip4][..udp] [..67.159.16.150][43759] -> [..74.111.203.55][..427] + detected: [....88] [ip4][..udp] [..67.159.16.150][43759] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....87] [ip4][..udp] [.66.228.194.219][53105] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 91 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 88|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 16] + new: [....89] [ip4][..udp] [.200.31.144.158][53596] -> [..90.111.212.50][..427] + detected: [....89] [ip4][..udp] [.200.31.144.158][53596] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....88] [ip4][..udp] [..67.159.16.150][43759] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 92 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 89|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 16] + new: [....90] [ip4][..udp] [.200.31.144.158][47879] -> [..69.109.187.54][..427] + detected: [....90] [ip4][..udp] [.200.31.144.158][47879] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....89] [ip4][..udp] [.200.31.144.158][53596] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....91] [ip4][..udp] [.200.31.144.158][44785] -> [..90.147.171.51][..427] + detected: [....91] [ip4][..udp] [.200.31.144.158][44785] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....90] [ip4][..udp] [.200.31.144.158][47879] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 94 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 91|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 16] + new: [....92] [ip4][..udp] [.200.31.144.158][51364] -> [..165.144.84.62][..427] + detected: [....92] [ip4][..udp] [.200.31.144.158][51364] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....91] [ip4][..udp] [.200.31.144.158][44785] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....93] [ip4][..udp] [.200.31.144.158][41690] -> [..74.111.203.55][..427] + detected: [....93] [ip4][..udp] [.200.31.144.158][41690] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....92] [ip4][..udp] [.200.31.144.158][51364] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....94] [ip4][..udp] [.200.31.144.158][51228] -> [.165.114.202.61][..427] + detected: [....94] [ip4][..udp] [.200.31.144.158][51228] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....92] [ip4][..udp] [.200.31.144.158][51364] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....93] [ip4][..udp] [.200.31.144.158][41690] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 97 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 94|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 18] + new: [....95] [ip4][..udp] [..35.252.69.113][59682] -> [...90.141.37.56][..427] + detected: [....95] [ip4][..udp] [..35.252.69.113][59682] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....93] [ip4][..udp] [.200.31.144.158][41690] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....94] [ip4][..udp] [.200.31.144.158][51228] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....96] [ip4][..udp] [..208.209.71.22][55733] -> [...85.111.52.57][..427] + detected: [....96] [ip4][..udp] [..208.209.71.22][55733] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....95] [ip4][..udp] [..35.252.69.113][59682] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [....97] [ip4][..udp] [.200.31.144.158][40943] -> [...90.141.37.56][..427] + detected: [....97] [ip4][..udp] [.200.31.144.158][40943] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....95] [ip4][..udp] [..35.252.69.113][59682] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [....96] [ip4][..udp] [..208.209.71.22][55733] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 100 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 97|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 20] + new: [....98] [ip4][..udp] [.200.31.144.158][33048] -> [..90.145.180.58][..427] + detected: [....98] [ip4][..udp] [.200.31.144.158][33048] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....96] [ip4][..udp] [..208.209.71.22][55733] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....97] [ip4][..udp] [.200.31.144.158][40943] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 101 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 98|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 20] + new: [....99] [ip4][..udp] [.19.156.188.155][47964] -> [.186.112.202.53][..427] + detected: [....99] [ip4][..udp] [.19.156.188.155][47964] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....98] [ip4][..udp] [.200.31.144.158][33048] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 102 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 99|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 20] + new: [...100] [ip4][..udp] [.210.12.216.151][54477] -> [..90.145.180.58][..427] + detected: [...100] [ip4][..udp] [.210.12.216.151][54477] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [....99] [ip4][..udp] [.19.156.188.155][47964] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 103 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 100|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 20] + new: [...101] [ip4][..udp] [..70.28.101.252][52969] -> [...90.141.37.56][..427] + detected: [...101] [ip4][..udp] [..70.28.101.252][52969] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...100] [ip4][..udp] [.210.12.216.151][54477] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 104 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 101|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 20] + new: [...102] [ip4][..udp] [....57.3.49.213][25820] -> [..74.111.203.55][..427] + detected: [...102] [ip4][..udp] [....57.3.49.213][25820] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...101] [ip4][..udp] [..70.28.101.252][52969] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...103] [ip4][..udp] [.70.193.198.250][29011] -> [..69.109.187.54][..427] + detected: [...103] [ip4][..udp] [.70.193.198.250][29011] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...102] [ip4][..udp] [....57.3.49.213][25820] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 106 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 103|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 20] + new: [...104] [ip4][..udp] [...87.0.217.242][54220] -> [...85.111.52.57][..427] + detected: [...104] [ip4][..udp] [...87.0.217.242][54220] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...103] [ip4][..udp] [.70.193.198.250][29011] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...105] [ip4][..udp] [.54.251.198.222][40998] -> [..165.144.84.62][..427] + detected: [...105] [ip4][..udp] [.54.251.198.222][40998] -> [..165.144.84.62][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...104] [ip4][..udp] [...87.0.217.242][54220] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 108 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 105|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 20] + new: [...106] [ip4][..udp] [...87.39.57.211][42486] -> [...90.141.37.56][..427] + detected: [...106] [ip4][..udp] [...87.39.57.211][42486] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...105] [ip4][..udp] [.54.251.198.222][40998] -> [..165.144.84.62][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...107] [ip4][..udp] [..88.219.46.235][.7636] -> [..90.147.171.51][..427] + detected: [...107] [ip4][..udp] [..88.219.46.235][.7636] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...106] [ip4][..udp] [...87.39.57.211][42486] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...108] [ip4][..udp] [..173.241.63.36][56717] -> [..74.111.203.55][..427] + detected: [...108] [ip4][..udp] [..173.241.63.36][56717] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...107] [ip4][..udp] [..88.219.46.235][.7636] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...109] [ip4][..udp] [..167.57.49.219][49798] -> [..90.111.212.50][..427] + detected: [...109] [ip4][..udp] [..167.57.49.219][49798] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...107] [ip4][..udp] [..88.219.46.235][.7636] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...108] [ip4][..udp] [..173.241.63.36][56717] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...110] [ip4][..udp] [.168.222.38.193][38055] -> [.186.112.202.53][..427] + detected: [...110] [ip4][..udp] [.168.222.38.193][38055] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...108] [ip4][..udp] [..173.241.63.36][56717] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...109] [ip4][..udp] [..167.57.49.219][49798] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 113 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 110|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 23] + new: [...111] [ip4][..udp] [..46.204.255.75][55098] -> [..165.144.84.62][..427] + detected: [...111] [ip4][..udp] [..46.204.255.75][55098] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...112] [ip4][..udp] [..88.219.46.235][44462] -> [..90.145.180.58][..427] + detected: [...112] [ip4][..udp] [..88.219.46.235][44462] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...109] [ip4][..udp] [..167.57.49.219][49798] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...110] [ip4][..udp] [.168.222.38.193][38055] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...111] [ip4][..udp] [..46.204.255.75][55098] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 115 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 3 / 112|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 25] + new: [...113] [ip4][..udp] [..167.57.49.219][62479] -> [.165.114.202.61][..427] + detected: [...113] [ip4][..udp] [..167.57.49.219][62479] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...112] [ip4][..udp] [..88.219.46.235][44462] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...110] [ip4][..udp] [.168.222.38.193][38055] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...111] [ip4][..udp] [..46.204.255.75][55098] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...114] [ip4][..udp] [...83.14.224.14][55733] -> [.165.114.202.61][..427] + detected: [...114] [ip4][..udp] [...83.14.224.14][55733] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...113] [ip4][..udp] [..167.57.49.219][62479] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 117 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 114|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 25] + new: [...115] [ip4][..udp] [.159.60.180.118][43688] -> [..69.109.187.54][..427] + detected: [...115] [ip4][..udp] [.159.60.180.118][43688] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...114] [ip4][..udp] [...83.14.224.14][55733] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 118 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 115|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 25] + new: [...116] [ip4][..udp] [134.180.144.149][38375] -> [..90.147.171.51][..427] + detected: [...116] [ip4][..udp] [134.180.144.149][38375] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...115] [ip4][..udp] [.159.60.180.118][43688] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 119 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 116|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 25] + new: [...117] [ip4][..udp] [134.180.144.149][52853] -> [...90.141.37.56][..427] + detected: [...117] [ip4][..udp] [134.180.144.149][52853] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...116] [ip4][..udp] [134.180.144.149][38375] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 120 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 117|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 25] + new: [...118] [ip4][..udp] [239.100.141.153][53222] -> [.165.114.202.61][..427] + detected: [...118] [ip4][..udp] [239.100.141.153][53222] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...117] [ip4][..udp] [134.180.144.149][52853] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 121 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 118|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 25] + new: [...119] [ip4][..udp] [..45.99.146.146][34238] -> [..90.111.212.50][..427] + detected: [...119] [ip4][..udp] [..45.99.146.146][34238] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...118] [ip4][..udp] [239.100.141.153][53222] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...120] [ip4][..udp] [182.180.120.139][60043] -> [..165.144.84.62][..427] + detected: [...120] [ip4][..udp] [182.180.120.139][60043] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...119] [ip4][..udp] [..45.99.146.146][34238] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 123 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 120|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] + new: [...121] [ip4][..udp] [..46.100.97.147][55816] -> [..74.111.203.55][..427] + detected: [...121] [ip4][..udp] [..46.100.97.147][55816] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...120] [ip4][..udp] [182.180.120.139][60043] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...119] [ip4][..udp] [..45.99.146.146][34238] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 124 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 121|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] + new: [...122] [ip4][..udp] [.47.123.177.154][47805] -> [..69.109.187.54][..427] + detected: [...122] [ip4][..udp] [.47.123.177.154][47805] -> [..69.109.187.54][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...121] [ip4][..udp] [..46.100.97.147][55816] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...123] [ip4][..udp] [134.180.144.149][51113] -> [..90.145.180.58][..427] + detected: [...123] [ip4][..udp] [134.180.144.149][51113] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...124] [ip4][..udp] [.70.180.111.241][39226] -> [.186.112.202.53][..427] + detected: [...124] [ip4][..udp] [.70.180.111.241][39226] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...122] [ip4][..udp] [.47.123.177.154][47805] -> [..69.109.187.54][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...123] [ip4][..udp] [134.180.144.149][51113] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 127 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 124|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] + new: [...125] [ip4][..udp] [...35.0.100.115][.9681] -> [..165.144.84.62][..427] + detected: [...125] [ip4][..udp] [...35.0.100.115][.9681] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...124] [ip4][..udp] [.70.180.111.241][39226] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...126] [ip4][..udp] [226.158.252.127][24595] -> [..74.111.203.55][..427] + detected: [...126] [ip4][..udp] [226.158.252.127][24595] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...125] [ip4][..udp] [...35.0.100.115][.9681] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 129 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 126|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] + new: [...127] [ip4][..udp] [...66.24.225.77][56086] -> [..74.111.203.55][..427] + detected: [...127] [ip4][..udp] [...66.24.225.77][56086] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...126] [ip4][..udp] [226.158.252.127][24595] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 130 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 127|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] + new: [...128] [ip4][..udp] [...83.14.224.14][49307] -> [..90.145.180.58][..427] + detected: [...128] [ip4][..udp] [...83.14.224.14][49307] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...127] [ip4][..udp] [...66.24.225.77][56086] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 131 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 128|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] + new: [...129] [ip4][..udp] [.98.103.253.115][44099] -> [...90.141.37.56][..427] + detected: [...129] [ip4][..udp] [.98.103.253.115][44099] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...128] [ip4][..udp] [...83.14.224.14][49307] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 132 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] + new: [...130] [ip4][..udp] [226.128.122.118][29946] -> [.165.114.202.61][..427] + detected: [...130] [ip4][..udp] [226.128.122.118][29946] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...129] [ip4][..udp] [.98.103.253.115][44099] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 133 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 130|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] + new: [...131] [ip4][..udp] [..64.63.219.226][57092] -> [..90.147.171.51][..427] + detected: [...131] [ip4][..udp] [..64.63.219.226][57092] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...130] [ip4][..udp] [226.128.122.118][29946] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 134 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 131|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] + new: [...132] [ip4][..udp] [160.184.203.250][41825] -> [..74.111.203.55][..427] + detected: [...132] [ip4][..udp] [160.184.203.250][41825] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...131] [ip4][..udp] [..64.63.219.226][57092] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...133] [ip4][..udp] [..64.63.219.226][57092] -> [.165.114.202.61][..427] + detected: [...133] [ip4][..udp] [..64.63.219.226][57092] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...132] [ip4][..udp] [160.184.203.250][41825] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 136 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 133|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 27] + new: [...134] [ip4][..udp] [..64.71.218.224][20366] -> [...85.111.52.57][..427] + detected: [...134] [ip4][..udp] [..64.71.218.224][20366] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...133] [ip4][..udp] [..64.63.219.226][57092] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...132] [ip4][..udp] [160.184.203.250][41825] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...135] [ip4][..udp] [...64.65.52.246][10179] -> [..165.144.84.62][..427] + detected: [...135] [ip4][..udp] [...64.65.52.246][10179] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...134] [ip4][..udp] [..64.71.218.224][20366] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...136] [ip4][..udp] [..64.63.219.226][10207] -> [...90.141.37.56][..427] + detected: [...136] [ip4][..udp] [..64.63.219.226][10207] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...137] [ip4][..udp] [.161.193.58.225][64776] -> [.186.112.202.53][..427] + detected: [...137] [ip4][..udp] [.161.193.58.225][64776] -> [.186.112.202.53][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...135] [ip4][..udp] [...64.65.52.246][10179] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...136] [ip4][..udp] [..64.63.219.226][10207] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...134] [ip4][..udp] [..64.71.218.224][20366] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 140 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 137|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 28] + new: [...138] [ip4][..udp] [..65.62.197.248][45675] -> [..69.109.187.54][..427] + detected: [...138] [ip4][..udp] [..65.62.197.248][45675] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...137] [ip4][..udp] [.161.193.58.225][64776] -> [.186.112.202.53][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 141 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 138|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 28] + new: [...139] [ip4][..udp] [..16.99.147.146][48728] -> [..165.144.84.62][..427] + detected: [...139] [ip4][..udp] [..16.99.147.146][48728] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...138] [ip4][..udp] [..65.62.197.248][45675] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 142 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 139|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 28] + new: [...140] [ip4][..udp] [.75.153.126.243][54378] -> [..69.109.187.54][..427] + detected: [...140] [ip4][..udp] [.75.153.126.243][54378] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...139] [ip4][..udp] [..16.99.147.146][48728] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...141] [ip4][..udp] [.70.216.186.103][55880] -> [..165.144.84.62][..427] + detected: [...141] [ip4][..udp] [.70.216.186.103][55880] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...140] [ip4][..udp] [.75.153.126.243][54378] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 144 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 141|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 28] + new: [...142] [ip4][..udp] [..82.14.191.177][51704] -> [.186.112.202.53][..427] + detected: [...142] [ip4][..udp] [..82.14.191.177][51704] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...141] [ip4][..udp] [.70.216.186.103][55880] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...143] [ip4][..udp] [..70.28.101.252][49306] -> [..69.109.187.54][..427] + detected: [...143] [ip4][..udp] [..70.28.101.252][49306] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...142] [ip4][..udp] [..82.14.191.177][51704] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...144] [ip4][..udp] [..166.235.162.1][50338] -> [.165.114.202.61][..427] + detected: [...144] [ip4][..udp] [..166.235.162.1][50338] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...142] [ip4][..udp] [..82.14.191.177][51704] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...143] [ip4][..udp] [..70.28.101.252][49306] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 147 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 144|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] + new: [...145] [ip4][..udp] [...38.238.166.9][56529] -> [..90.147.171.51][..427] + detected: [...145] [ip4][..udp] [...38.238.166.9][56529] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...143] [ip4][..udp] [..70.28.101.252][49306] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...144] [ip4][..udp] [..166.235.162.1][50338] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 148 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 145|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] + new: [...146] [ip4][..udp] [..206.204.24.90][51495] -> [...90.141.37.56][..427] + detected: [...146] [ip4][..udp] [..206.204.24.90][51495] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...145] [ip4][..udp] [...38.238.166.9][56529] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 149 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 146|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] + new: [...147] [ip4][..udp] [165.128.253.116][.5073] -> [..90.147.171.51][..427] + detected: [...147] [ip4][..udp] [165.128.253.116][.5073] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...146] [ip4][..udp] [..206.204.24.90][51495] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 150 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 147|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] + new: [...148] [ip4][..udp] [.217.31.231.255][56070] -> [..90.111.212.50][..427] + detected: [...148] [ip4][..udp] [.217.31.231.255][56070] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...147] [ip4][..udp] [165.128.253.116][.5073] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 151 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 148|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] + new: [...149] [ip4][..udp] [.28.102.134.210][45382] -> [..69.109.187.54][..427] + detected: [...149] [ip4][..udp] [.28.102.134.210][45382] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...148] [ip4][..udp] [.217.31.231.255][56070] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 152 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 149|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] + new: [...150] [ip4][..udp] [..173.241.63.36][50984] -> [...85.111.52.57][..427] + detected: [...150] [ip4][..udp] [..173.241.63.36][50984] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...149] [ip4][..udp] [.28.102.134.210][45382] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 153 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 150|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] + new: [...151] [ip4][..udp] [...81.24.43.106][60145] -> [..90.111.212.50][..427] + detected: [...151] [ip4][..udp] [...81.24.43.106][60145] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...150] [ip4][..udp] [..173.241.63.36][50984] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 154 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 151|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] + new: [...152] [ip4][..udp] [...81.24.43.106][57096] -> [..74.111.203.55][..427] + detected: [...152] [ip4][..udp] [...81.24.43.106][57096] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...151] [ip4][..udp] [...81.24.43.106][60145] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 155 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 152|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] + new: [...153] [ip4][..udp] [...81.24.43.106][58419] -> [..69.109.187.54][..427] + detected: [...153] [ip4][..udp] [...81.24.43.106][58419] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...152] [ip4][..udp] [...81.24.43.106][57096] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...154] [ip4][..udp] [...81.24.43.106][52243] -> [...85.111.52.57][..427] + detected: [...154] [ip4][..udp] [...81.24.43.106][52243] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...153] [ip4][..udp] [...81.24.43.106][58419] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 157 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 154|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 31] + new: [...155] [ip4][..udp] [.70.180.111.241][39508] -> [..165.144.84.62][..427] + detected: [...155] [ip4][..udp] [.70.180.111.241][39508] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...153] [ip4][..udp] [...81.24.43.106][58419] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...154] [ip4][..udp] [...81.24.43.106][52243] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 158 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 155|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 31] + new: [...156] [ip4][..udp] [208.100.177.136][45704] -> [..90.111.212.50][..427] + detected: [...156] [ip4][..udp] [208.100.177.136][45704] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...155] [ip4][..udp] [.70.180.111.241][39508] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...157] [ip4][..udp] [...81.24.43.106][47011] -> [..165.144.84.62][..427] + detected: [...157] [ip4][..udp] [...81.24.43.106][47011] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...156] [ip4][..udp] [208.100.177.136][45704] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 160 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 157|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 31] + new: [...158] [ip4][..udp] [182.180.120.139][33316] -> [..69.109.187.54][..427] + detected: [...158] [ip4][..udp] [182.180.120.139][33316] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...157] [ip4][..udp] [...81.24.43.106][47011] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...159] [ip4][..udp] [182.180.120.139][38297] -> [...90.141.37.56][..427] + detected: [...159] [ip4][..udp] [182.180.120.139][38297] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...158] [ip4][..udp] [182.180.120.139][33316] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 162 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 159|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 31] + new: [...160] [ip4][..udp] [.246.75.104.115][49217] -> [..90.145.180.58][..427] + detected: [...160] [ip4][..udp] [.246.75.104.115][49217] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...159] [ip4][..udp] [182.180.120.139][38297] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...161] [ip4][..udp] [.246.75.104.115][50697] -> [.186.112.202.53][..427] + detected: [...161] [ip4][..udp] [.246.75.104.115][50697] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 164 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 161|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 31] + new: [...162] [ip4][..udp] [.45.124.147.156][57093] -> [...85.111.52.57][..427] + detected: [...162] [ip4][..udp] [.45.124.147.156][57093] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...161] [ip4][..udp] [.246.75.104.115][50697] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...160] [ip4][..udp] [.246.75.104.115][49217] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...163] [ip4][..udp] [...81.24.43.106][60815] -> [...90.141.37.56][..427] + detected: [...163] [ip4][..udp] [...81.24.43.106][60815] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...162] [ip4][..udp] [.45.124.147.156][57093] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 166 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 163|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 31] + new: [...164] [ip4][..udp] [.246.75.104.115][34990] -> [..74.111.203.55][..427] + detected: [...164] [ip4][..udp] [.246.75.104.115][34990] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...163] [ip4][..udp] [...81.24.43.106][60815] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...165] [ip4][..udp] [239.100.141.153][41989] -> [..90.147.171.51][..427] + detected: [...165] [ip4][..udp] [239.100.141.153][41989] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...164] [ip4][..udp] [.246.75.104.115][34990] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...166] [ip4][..udp] [184.180.168.240][39574] -> [.165.114.202.61][..427] + detected: [...166] [ip4][..udp] [184.180.168.240][39574] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 169 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 3 / 166|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] + new: [...167] [ip4][..udp] [...81.24.43.106][58836] -> [..90.147.171.51][..427] + detected: [...167] [ip4][..udp] [...81.24.43.106][58836] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...166] [ip4][..udp] [184.180.168.240][39574] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...164] [ip4][..udp] [.246.75.104.115][34990] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...165] [ip4][..udp] [239.100.141.153][41989] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 170 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 167|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] + new: [...168] [ip4][..udp] [.100.56.155.112][.1724] -> [..90.147.171.51][..427] + detected: [...168] [ip4][..udp] [.100.56.155.112][.1724] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...167] [ip4][..udp] [...81.24.43.106][58836] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 171 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 168|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] + new: [...169] [ip4][..udp] [.227.134.81.212][10457] -> [..74.111.203.55][..427] + detected: [...169] [ip4][..udp] [.227.134.81.212][10457] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...168] [ip4][..udp] [.100.56.155.112][.1724] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 172 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 169|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] + new: [...170] [ip4][..udp] [.75.137.134.242][.6448] -> [..74.111.203.55][..427] + detected: [...170] [ip4][..udp] [.75.137.134.242][.6448] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...169] [ip4][..udp] [.227.134.81.212][10457] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 173 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 170|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] + new: [...171] [ip4][..udp] [..91.33.106.218][.2534] -> [..165.144.84.62][..427] + detected: [...171] [ip4][..udp] [..91.33.106.218][.2534] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...170] [ip4][..udp] [.75.137.134.242][.6448] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 174 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 171|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] + new: [...172] [ip4][..udp] [.34.119.122.126][.6239] -> [...85.111.52.57][..427] + detected: [...172] [ip4][..udp] [.34.119.122.126][.6239] -> [...85.111.52.57][..427] [Service_Location_Protocol][Google][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...171] [ip4][..udp] [..91.33.106.218][.2534] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 175 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 172|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] + new: [...173] [ip4][..udp] [..46.100.97.147][52664] -> [.165.114.202.61][..427] + detected: [...173] [ip4][..udp] [..46.100.97.147][52664] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...172] [ip4][..udp] [.34.119.122.126][.6239] -> [...85.111.52.57][..427] [Service_Location_Protocol][Google][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 176 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 173|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] + new: [...174] [ip4][..udp] [...81.24.43.106][48098] -> [..90.145.180.58][..427] + detected: [...174] [ip4][..udp] [...81.24.43.106][48098] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...173] [ip4][..udp] [..46.100.97.147][52664] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 177 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 174|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] + new: [...175] [ip4][..udp] [...81.24.43.106][43525] -> [.165.114.202.61][..427] + detected: [...175] [ip4][..udp] [...81.24.43.106][43525] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...174] [ip4][..udp] [...81.24.43.106][48098] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 178 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 175|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] + new: [...176] [ip4][..udp] [...33.216.90.56][53342] -> [..90.147.171.51][..427] + detected: [...176] [ip4][..udp] [...33.216.90.56][53342] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...175] [ip4][..udp] [...81.24.43.106][43525] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...177] [ip4][..udp] [..161.47.199.37][50010] -> [.186.112.202.53][..427] + detected: [...177] [ip4][..udp] [..161.47.199.37][50010] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...176] [ip4][..udp] [...33.216.90.56][53342] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 180 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 177|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] + new: [...178] [ip4][..udp] [.93.102.124.112][41596] -> [..90.111.212.50][..427] + detected: [...178] [ip4][..udp] [.93.102.124.112][41596] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...177] [ip4][..udp] [..161.47.199.37][50010] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 181 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 178|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] + new: [...179] [ip4][..udp] [.119.34.147.222][56878] -> [..90.145.180.58][..427] + detected: [...179] [ip4][..udp] [.119.34.147.222][56878] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...178] [ip4][..udp] [.93.102.124.112][41596] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...180] [ip4][..udp] [249.149.111.219][57636] -> [...90.141.37.56][..427] + detected: [...180] [ip4][..udp] [249.149.111.219][57636] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...179] [ip4][..udp] [.119.34.147.222][56878] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...181] [ip4][..udp] [118.158.148.196][44102] -> [.165.114.202.61][..427] + detected: [...181] [ip4][..udp] [118.158.148.196][44102] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...182] [ip4][..udp] [134.217.184.242][23876] -> [...85.111.52.57][..427] + detected: [...182] [ip4][..udp] [134.217.184.242][23876] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...180] [ip4][..udp] [249.149.111.219][57636] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...181] [ip4][..udp] [118.158.148.196][44102] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...183] [ip4][..udp] [..185.97.76.211][42268] -> [..69.109.187.54][..427] + detected: [...183] [ip4][..udp] [..185.97.76.211][42268] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...181] [ip4][..udp] [118.158.148.196][44102] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...182] [ip4][..udp] [134.217.184.242][23876] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 186 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 183|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] + new: [...184] [ip4][..udp] [.71.170.115.245][44124] -> [..74.111.203.55][..427] + detected: [...184] [ip4][..udp] [.71.170.115.245][44124] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...183] [ip4][..udp] [..185.97.76.211][42268] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...182] [ip4][..udp] [134.217.184.242][23876] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...185] [ip4][..udp] [.198.153.87.225][34996] -> [..165.144.84.62][..427] + detected: [...185] [ip4][..udp] [.198.153.87.225][34996] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...184] [ip4][..udp] [.71.170.115.245][44124] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...186] [ip4][..udp] [.71.170.115.245][44124] -> [..90.111.212.50][..427] + detected: [...186] [ip4][..udp] [.71.170.115.245][44124] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...185] [ip4][..udp] [.198.153.87.225][34996] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...187] [ip4][..udp] [134.217.184.242][41215] -> [..90.147.171.51][..427] + detected: [...187] [ip4][..udp] [134.217.184.242][41215] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 190 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 187|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] + new: [...188] [ip4][..udp] [..56.82.128.250][53705] -> [.186.112.202.53][..427] + detected: [...188] [ip4][..udp] [..56.82.128.250][53705] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...187] [ip4][..udp] [134.217.184.242][41215] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...186] [ip4][..udp] [.71.170.115.245][44124] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 191 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 188|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] + new: [...189] [ip4][..udp] [.218.211.196.58][52158] -> [...85.111.52.57][..427] + detected: [...189] [ip4][..udp] [.218.211.196.58][52158] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...188] [ip4][..udp] [..56.82.128.250][53705] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 192 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 189|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] + new: [...190] [ip4][..udp] [236.131.162.157][34095] -> [..90.147.171.51][..427] + detected: [...190] [ip4][..udp] [236.131.162.157][34095] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...189] [ip4][..udp] [.218.211.196.58][52158] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 193 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 190|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] + new: [...191] [ip4][..udp] [.177.48.184.247][56640] -> [.165.114.202.61][..427] + detected: [...191] [ip4][..udp] [.177.48.184.247][56640] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...190] [ip4][..udp] [236.131.162.157][34095] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 194 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 191|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] + new: [...192] [ip4][..udp] [..69.36.231.230][53489] -> [..90.111.212.50][..427] + detected: [...192] [ip4][..udp] [..69.36.231.230][53489] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...191] [ip4][..udp] [.177.48.184.247][56640] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 195 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 192|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] + new: [...193] [ip4][..udp] [...44.239.95.30][56105] -> [..74.111.203.55][..427] + detected: [...193] [ip4][..udp] [...44.239.95.30][56105] -> [..74.111.203.55][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...192] [ip4][..udp] [..69.36.231.230][53489] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 196 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 193|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] + new: [...194] [ip4][..udp] [....80.16.0.251][49389] -> [..165.144.84.62][..427] + detected: [...194] [ip4][..udp] [....80.16.0.251][49389] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...193] [ip4][..udp] [...44.239.95.30][56105] -> [..74.111.203.55][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 197 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 194|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] + new: [...195] [ip4][..udp] [...165.37.39.94][49159] -> [..69.109.187.54][..427] + detected: [...195] [ip4][..udp] [...165.37.39.94][49159] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...194] [ip4][..udp] [....80.16.0.251][49389] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 198 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 195|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] + new: [...196] [ip4][..udp] [..178.14.64.233][55586] -> [...90.141.37.56][..427] + detected: [...196] [ip4][..udp] [..178.14.64.233][55586] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...195] [ip4][..udp] [...165.37.39.94][49159] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 199 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 196|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] + new: [...197] [ip4][..udp] [.200.31.144.158][47437] -> [.165.114.202.61][..427] + detected: [...197] [ip4][..udp] [.200.31.144.158][47437] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...196] [ip4][..udp] [..178.14.64.233][55586] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 200 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 197|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] + new: [...198] [ip4][..udp] [.200.31.144.158][44893] -> [..69.109.187.54][..427] + detected: [...198] [ip4][..udp] [.200.31.144.158][44893] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...197] [ip4][..udp] [.200.31.144.158][47437] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...199] [ip4][..udp] [.200.31.144.158][46878] -> [...85.111.52.57][..427] + detected: [...199] [ip4][..udp] [.200.31.144.158][46878] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...198] [ip4][..udp] [.200.31.144.158][44893] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 202 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 199|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] + new: [...200] [ip4][..udp] [.200.31.144.158][39691] -> [..90.111.212.50][..427] + detected: [...200] [ip4][..udp] [.200.31.144.158][39691] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...199] [ip4][..udp] [.200.31.144.158][46878] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 203 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 200|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] + new: [...201] [ip4][..udp] [.200.31.144.158][59069] -> [..74.111.203.55][..427] + detected: [...201] [ip4][..udp] [.200.31.144.158][59069] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...200] [ip4][..udp] [.200.31.144.158][39691] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...202] [ip4][..udp] [.200.31.144.158][51406] -> [..90.147.171.51][..427] + detected: [...202] [ip4][..udp] [.200.31.144.158][51406] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...201] [ip4][..udp] [.200.31.144.158][59069] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 205 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 202|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] + new: [...203] [ip4][..udp] [.200.31.144.158][35296] -> [...90.141.37.56][..427] + detected: [...203] [ip4][..udp] [.200.31.144.158][35296] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...202] [ip4][..udp] [.200.31.144.158][51406] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...204] [ip4][..udp] [.200.31.144.158][48172] -> [..90.145.180.58][..427] + detected: [...204] [ip4][..udp] [.200.31.144.158][48172] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...202] [ip4][..udp] [.200.31.144.158][51406] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...203] [ip4][..udp] [.200.31.144.158][35296] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 207 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 204|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 36] + new: [...205] [ip4][..udp] [.200.31.144.158][53249] -> [..165.144.84.62][..427] + detected: [...205] [ip4][..udp] [.200.31.144.158][53249] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...203] [ip4][..udp] [.200.31.144.158][35296] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...204] [ip4][..udp] [.200.31.144.158][48172] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 208 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 205|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 36] + new: [...206] [ip4][..udp] [..16.100.83.145][60232] -> [..90.147.171.51][..427] + detected: [...206] [ip4][..udp] [..16.100.83.145][60232] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...205] [ip4][..udp] [.200.31.144.158][53249] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...207] [ip4][..udp] [184.180.168.240][36840] -> [.186.112.202.53][..427] + detected: [...207] [ip4][..udp] [184.180.168.240][36840] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...206] [ip4][..udp] [..16.100.83.145][60232] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...208] [ip4][..udp] [..16.99.147.146][34236] -> [..90.111.212.50][..427] + detected: [...208] [ip4][..udp] [..16.99.147.146][34236] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...206] [ip4][..udp] [..16.100.83.145][60232] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...207] [ip4][..udp] [184.180.168.240][36840] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 211 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 208|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 37] + new: [...209] [ip4][..udp] [182.180.120.139][53230] -> [..90.145.180.58][..427] + detected: [...209] [ip4][..udp] [182.180.120.139][53230] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...208] [ip4][..udp] [..16.99.147.146][34236] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 212 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 209|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 37] + new: [...210] [ip4][..udp] [182.180.120.139][38609] -> [...90.141.37.56][..427] + detected: [...210] [ip4][..udp] [182.180.120.139][38609] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...209] [ip4][..udp] [182.180.120.139][53230] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 213 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 210|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 37] + new: [...211] [ip4][..udp] [..19.99.147.148][36797] -> [.165.114.202.61][..427] + detected: [...211] [ip4][..udp] [..19.99.147.148][36797] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...210] [ip4][..udp] [182.180.120.139][38609] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...212] [ip4][..udp] [.45.131.161.152][36751] -> [..165.144.84.62][..427] + detected: [...212] [ip4][..udp] [.45.131.161.152][36751] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...211] [ip4][..udp] [..19.99.147.148][36797] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 215 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 212|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 37] + new: [...213] [ip4][..udp] [.45.100.140.153][54538] -> [..74.111.203.55][..427] + detected: [...213] [ip4][..udp] [.45.100.140.153][54538] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...212] [ip4][..udp] [.45.131.161.152][36751] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 216 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 213|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 37] + new: [...214] [ip4][..udp] [.103.71.146.222][26355] -> [...90.141.37.56][..427] + detected: [...214] [ip4][..udp] [.103.71.146.222][26355] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...213] [ip4][..udp] [.45.100.140.153][54538] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 217 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 214|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 37] + new: [...215] [ip4][..udp] [.103.71.146.222][64387] -> [..90.147.171.51][..427] + detected: [...215] [ip4][..udp] [.103.71.146.222][64387] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...214] [ip4][..udp] [.103.71.146.222][26355] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...216] [ip4][..udp] [.100.56.155.112][53130] -> [..90.111.212.50][..427] + detected: [...216] [ip4][..udp] [.100.56.155.112][53130] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...215] [ip4][..udp] [.103.71.146.222][64387] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 219 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 216|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 38] + new: [...217] [ip4][..udp] [...186.27.5.237][51315] -> [..90.147.171.51][..427] + detected: [...217] [ip4][..udp] [...186.27.5.237][51315] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...215] [ip4][..udp] [.103.71.146.222][64387] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...216] [ip4][..udp] [.100.56.155.112][53130] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...218] [ip4][..udp] [..167.7.154.125][.8220] -> [...85.111.52.57][..427] + detected: [...218] [ip4][..udp] [..167.7.154.125][.8220] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...217] [ip4][..udp] [...186.27.5.237][51315] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 221 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 218|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 39] + new: [...219] [ip4][..udp] [..46.100.97.147][59003] -> [...85.111.52.57][..427] + detected: [...219] [ip4][..udp] [..46.100.97.147][59003] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...218] [ip4][..udp] [..167.7.154.125][.8220] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...217] [ip4][..udp] [...186.27.5.237][51315] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 222 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 219|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 39] + new: [...220] [ip4][..udp] [..67.159.16.150][35493] -> [...90.141.37.56][..427] + detected: [...220] [ip4][..udp] [..67.159.16.150][35493] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...219] [ip4][..udp] [..46.100.97.147][59003] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 223 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 220|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 39] + new: [...221] [ip4][..udp] [..67.159.16.150][35856] -> [..69.109.187.54][..427] + detected: [...221] [ip4][..udp] [..67.159.16.150][35856] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...220] [ip4][..udp] [..67.159.16.150][35493] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 224 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 221|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 39] + new: [...222] [ip4][..udp] [....34.220.38.0][54720] -> [.186.112.202.53][..427] + detected: [...222] [ip4][..udp] [....34.220.38.0][54720] -> [.186.112.202.53][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...221] [ip4][..udp] [..67.159.16.150][35856] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 225 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 222|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 39] + new: [...223] [ip4][..udp] [..173.49.159.50][54834] -> [..74.111.203.55][..427] + detected: [...223] [ip4][..udp] [..173.49.159.50][54834] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...222] [ip4][..udp] [....34.220.38.0][54720] -> [.186.112.202.53][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 226 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 223|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 39] + new: [...224] [ip4][..udp] [.206.17.216.171][53625] -> [..69.109.187.54][..427] + detected: [...224] [ip4][..udp] [.206.17.216.171][53625] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...223] [ip4][..udp] [..173.49.159.50][54834] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 227 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 224|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 39] + new: [...225] [ip4][..udp] [..64.56.203.178][42341] -> [..74.111.203.55][..427] + detected: [...225] [ip4][..udp] [..64.56.203.178][42341] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...224] [ip4][..udp] [.206.17.216.171][53625] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 228 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 225|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 39] + new: [...226] [ip4][..udp] [..166.70.59.181][46093] -> [..90.111.212.50][..427] + detected: [...226] [ip4][..udp] [..166.70.59.181][46093] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...225] [ip4][..udp] [..64.56.203.178][42341] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...227] [ip4][..udp] [167.185.203.175][.8162] -> [..165.144.84.62][..427] + detected: [...227] [ip4][..udp] [167.185.203.175][.8162] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...226] [ip4][..udp] [..166.70.59.181][46093] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...228] [ip4][..udp] [...33.26.187.87][52761] -> [...90.141.37.56][..427] + detected: [...228] [ip4][..udp] [...33.26.187.87][52761] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...226] [ip4][..udp] [..166.70.59.181][46093] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...227] [ip4][..udp] [167.185.203.175][.8162] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...229] [ip4][..udp] [.88.192.213.176][63574] -> [.165.114.202.61][..427] + detected: [...229] [ip4][..udp] [.88.192.213.176][63574] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...227] [ip4][..udp] [167.185.203.175][.8162] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...228] [ip4][..udp] [...33.26.187.87][52761] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...230] [ip4][..udp] [184.199.219.188][30639] -> [...90.141.37.56][..427] + detected: [...230] [ip4][..udp] [184.199.219.188][30639] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...229] [ip4][..udp] [.88.192.213.176][63574] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...228] [ip4][..udp] [...33.26.187.87][52761] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 233 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 230|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 42] + new: [...231] [ip4][..udp] [166.199.219.182][28881] -> [..69.109.187.54][..427] + detected: [...231] [ip4][..udp] [166.199.219.182][28881] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...230] [ip4][..udp] [184.199.219.188][30639] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 234 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 231|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] + new: [...232] [ip4][..udp] [..95.64.196.186][18841] -> [.186.112.202.53][..427] + detected: [...232] [ip4][..udp] [..95.64.196.186][18841] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...230] [ip4][..udp] [184.199.219.188][30639] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...231] [ip4][..udp] [166.199.219.182][28881] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...233] [ip4][..udp] [..88.63.218.184][51027] -> [..90.145.180.58][..427] + detected: [...233] [ip4][..udp] [..88.63.218.184][51027] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...232] [ip4][..udp] [..95.64.196.186][18841] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 236 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 233|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] + new: [...234] [ip4][..udp] [...71.64.36.183][57381] -> [...85.111.52.57][..427] + detected: [...234] [ip4][..udp] [...71.64.36.183][57381] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...233] [ip4][..udp] [..88.63.218.184][51027] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 237 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 234|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] + new: [...235] [ip4][..udp] [165.211.188.239][50862] -> [.165.114.202.61][..427] + detected: [...235] [ip4][..udp] [165.211.188.239][50862] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...234] [ip4][..udp] [...71.64.36.183][57381] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 238 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 235|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] + new: [...236] [ip4][..udp] [...31.0.154.114][31214] -> [...90.141.37.56][..427] + detected: [...236] [ip4][..udp] [...31.0.154.114][31214] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...235] [ip4][..udp] [165.211.188.239][50862] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 239 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 236|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] + new: [...237] [ip4][..udp] [.34.119.122.126][19055] -> [..165.144.84.62][..427] + detected: [...237] [ip4][..udp] [.34.119.122.126][19055] -> [..165.144.84.62][..427] [Service_Location_Protocol][Google][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...236] [ip4][..udp] [...31.0.154.114][31214] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...238] [ip4][..udp] [..89.214.56.129][50635] -> [...85.111.52.57][..427] + detected: [...238] [ip4][..udp] [..89.214.56.129][50635] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...237] [ip4][..udp] [.34.119.122.126][19055] -> [..165.144.84.62][..427] [Service_Location_Protocol][Google][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 241 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 238|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] + new: [...239] [ip4][..udp] [..193.209.38.96][56783] -> [..90.111.212.50][..427] + detected: [...239] [ip4][..udp] [..193.209.38.96][56783] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...238] [ip4][..udp] [..89.214.56.129][50635] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 242 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 239|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] + new: [...240] [ip4][..udp] [..34.16.223.107][49482] -> [..165.144.84.62][..427] + detected: [...240] [ip4][..udp] [..34.16.223.107][49482] -> [..165.144.84.62][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...239] [ip4][..udp] [..193.209.38.96][56783] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 243 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 240|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] + new: [...241] [ip4][..udp] [..235.96.127.30][30596] -> [..165.144.84.62][..427] + detected: [...241] [ip4][..udp] [..235.96.127.30][30596] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...240] [ip4][..udp] [..34.16.223.107][49482] -> [..165.144.84.62][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 245 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 241|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] + new: [...242] [ip4][..udp] [...154.96.5.121][30879] -> [..74.111.203.55][..427] + detected: [...242] [ip4][..udp] [...154.96.5.121][30879] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...241] [ip4][..udp] [..235.96.127.30][30596] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 246 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 242|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] + new: [...243] [ip4][..udp] [208.123.176.154][53775] -> [...90.141.37.56][..427] + detected: [...243] [ip4][..udp] [208.123.176.154][53775] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...242] [ip4][..udp] [...154.96.5.121][30879] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 247 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 243|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] + new: [...244] [ip4][..udp] [.236.131.82.145][40660] -> [..69.109.187.54][..427] + detected: [...244] [ip4][..udp] [.236.131.82.145][40660] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...243] [ip4][..udp] [208.123.176.154][53775] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 248 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 244|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] + new: [...245] [ip4][..udp] [.19.156.188.155][47749] -> [..74.111.203.55][..427] + detected: [...245] [ip4][..udp] [.19.156.188.155][47749] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...244] [ip4][..udp] [.236.131.82.145][40660] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...246] [ip4][..udp] [237.132.176.136][34418] -> [..165.144.84.62][..427] + detected: [...246] [ip4][..udp] [237.132.176.136][34418] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...245] [ip4][..udp] [.19.156.188.155][47749] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 250 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 246|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] + new: [...247] [ip4][..udp] [.45.124.147.156][55189] -> [.165.114.202.61][..427] + detected: [...247] [ip4][..udp] [.45.124.147.156][55189] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...246] [ip4][..udp] [237.132.176.136][34418] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...245] [ip4][..udp] [.19.156.188.155][47749] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 251 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 247|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] + new: [...248] [ip4][..udp] [.70.180.111.241][37873] -> [..90.145.180.58][..427] + detected: [...248] [ip4][..udp] [.70.180.111.241][37873] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...247] [ip4][..udp] [.45.124.147.156][55189] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 252 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 248|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] + new: [...249] [ip4][..udp] [.47.123.177.154][50527] -> [..90.111.212.50][..427] + detected: [...249] [ip4][..udp] [.47.123.177.154][50527] -> [..90.111.212.50][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...248] [ip4][..udp] [.70.180.111.241][37873] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 253 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 249|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] + new: [...250] [ip4][..udp] [.227.199.90.122][22596] -> [..74.111.203.55][..427] + detected: [...250] [ip4][..udp] [.227.199.90.122][22596] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...249] [ip4][..udp] [.47.123.177.154][50527] -> [..90.111.212.50][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 254 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 250|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] + new: [...251] [ip4][..udp] [...161.45.5.172][56443] -> [..90.147.171.51][..427] + detected: [...251] [ip4][..udp] [...161.45.5.172][56443] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...250] [ip4][..udp] [.227.199.90.122][22596] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 255 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 251|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] + new: [...252] [ip4][..udp] [...66.24.225.77][55319] -> [...85.111.52.57][..427] + detected: [...252] [ip4][..udp] [...66.24.225.77][55319] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...251] [ip4][..udp] [...161.45.5.172][56443] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 256 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 252|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] + new: [...253] [ip4][..udp] [..88.56.155.126][14639] -> [.186.112.202.53][..427] + detected: [...253] [ip4][..udp] [..88.56.155.126][14639] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...252] [ip4][..udp] [...66.24.225.77][55319] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 257 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 253|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] + new: [...254] [ip4][..udp] [..35.252.69.113][15055] -> [..69.109.187.54][..427] + detected: [...254] [ip4][..udp] [..35.252.69.113][15055] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...253] [ip4][..udp] [..88.56.155.126][14639] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 258 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 254|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] + new: [...255] [ip4][..udp] [...93.22.25.240][53557] -> [..165.144.84.62][..427] + detected: [...255] [ip4][..udp] [...93.22.25.240][53557] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...254] [ip4][..udp] [..35.252.69.113][15055] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...256] [ip4][..udp] [..94.46.221.227][49978] -> [...90.141.37.56][..427] + detected: [...256] [ip4][..udp] [..94.46.221.227][49978] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...255] [ip4][..udp] [...93.22.25.240][53557] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...257] [ip4][..udp] [..211.49.103.57][55377] -> [..69.109.187.54][..427] + detected: [...257] [ip4][..udp] [..211.49.103.57][55377] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...256] [ip4][..udp] [..94.46.221.227][49978] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...255] [ip4][..udp] [...93.22.25.240][53557] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 261 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 257|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 45] + new: [...258] [ip4][..udp] [..67.159.16.150][57227] -> [.186.112.202.53][..427] + detected: [...258] [ip4][..udp] [..67.159.16.150][57227] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...257] [ip4][..udp] [..211.49.103.57][55377] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 262 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 258|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 45] + new: [...259] [ip4][..udp] [..70.210.130.41][50379] -> [.186.112.202.53][..427] + detected: [...259] [ip4][..udp] [..70.210.130.41][50379] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...258] [ip4][..udp] [..67.159.16.150][57227] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 263 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 259|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 45] + new: [...260] [ip4][..udp] [.217.23.159.199][54694] -> [..74.111.203.55][..427] + detected: [...260] [ip4][..udp] [.217.23.159.199][54694] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...259] [ip4][..udp] [..70.210.130.41][50379] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 264 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 260|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 45] + new: [...261] [ip4][..udp] [208.243.248.212][54962] -> [.165.114.202.61][..427] + detected: [...261] [ip4][..udp] [208.243.248.212][54962] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...260] [ip4][..udp] [.217.23.159.199][54694] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 265 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 261|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 45] + new: [...262] [ip4][..udp] [..42.224.153.12][15346] -> [..90.147.171.51][..427] + detected: [...262] [ip4][..udp] [..42.224.153.12][15346] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...261] [ip4][..udp] [208.243.248.212][54962] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 267 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 262|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 45] + new: [...263] [ip4][..udp] [199.221.139.233][45906] -> [..90.145.180.58][..427] + detected: [...263] [ip4][..udp] [199.221.139.233][45906] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...262] [ip4][..udp] [..42.224.153.12][15346] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...264] [ip4][..udp] [.246.237.99.253][12689] -> [..69.109.187.54][..427] + detected: [...264] [ip4][..udp] [.246.237.99.253][12689] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...263] [ip4][..udp] [199.221.139.233][45906] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 269 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 264|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 45] + new: [...265] [ip4][..udp] [.247.45.112.206][20029] -> [..90.111.212.50][..427] + detected: [...265] [ip4][..udp] [.247.45.112.206][20029] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...264] [ip4][..udp] [.246.237.99.253][12689] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...266] [ip4][..udp] [..56.174.92.201][12782] -> [.165.114.202.61][..427] + detected: [...266] [ip4][..udp] [..56.174.92.201][12782] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...265] [ip4][..udp] [.247.45.112.206][20029] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...267] [ip4][..udp] [..70.38.107.241][.3833] -> [...85.111.52.57][..427] + detected: [...267] [ip4][..udp] [..70.38.107.241][.3833] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...266] [ip4][..udp] [..56.174.92.201][12782] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 272 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 267|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] + new: [...268] [ip4][..udp] [..70.106.99.214][10633] -> [..74.111.203.55][..427] + detected: [...268] [ip4][..udp] [..70.106.99.214][10633] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...266] [ip4][..udp] [..56.174.92.201][12782] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...267] [ip4][..udp] [..70.38.107.241][.3833] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...269] [ip4][..udp] [.246.237.99.253][28232] -> [..165.144.84.62][..427] + detected: [...269] [ip4][..udp] [.246.237.99.253][28232] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...268] [ip4][..udp] [..70.106.99.214][10633] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 274 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 269|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] + new: [...270] [ip4][..udp] [.200.29.108.217][55185] -> [...90.141.37.56][..427] + detected: [...270] [ip4][..udp] [.200.29.108.217][55185] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...269] [ip4][..udp] [.246.237.99.253][28232] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 275 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 270|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] + new: [...271] [ip4][..udp] [..67.159.16.150][48238] -> [...85.111.52.57][..427] + detected: [...271] [ip4][..udp] [..67.159.16.150][48238] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...270] [ip4][..udp] [.200.29.108.217][55185] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 276 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 271|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] + new: [...272] [ip4][..udp] [...35.0.100.115][24038] -> [..165.144.84.62][..427] + detected: [...272] [ip4][..udp] [...35.0.100.115][24038] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...271] [ip4][..udp] [..67.159.16.150][48238] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 277 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 272|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] + new: [...273] [ip4][..udp] [.91.255.107.116][29445] -> [.165.114.202.61][..427] + detected: [...273] [ip4][..udp] [.91.255.107.116][29445] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...272] [ip4][..udp] [...35.0.100.115][24038] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...274] [ip4][..udp] [...98.137.3.114][.5334] -> [.165.114.202.61][..427] + detected: [...274] [ip4][..udp] [...98.137.3.114][.5334] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...273] [ip4][..udp] [.91.255.107.116][29445] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 279 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 274|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] + new: [...275] [ip4][..udp] [.224.127.98.214][19171] -> [..90.147.171.51][..427] + detected: [...275] [ip4][..udp] [.224.127.98.214][19171] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...274] [ip4][..udp] [...98.137.3.114][.5334] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 280 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 275|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] + new: [...276] [ip4][..udp] [157.120.252.123][37363] -> [..90.145.180.58][..427] + detected: [...276] [ip4][..udp] [157.120.252.123][37363] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...275] [ip4][..udp] [.224.127.98.214][19171] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 281 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 276|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] + new: [...277] [ip4][..udp] [.246.75.104.115][37519] -> [..90.145.180.58][..427] + detected: [...277] [ip4][..udp] [.246.75.104.115][37519] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...276] [ip4][..udp] [157.120.252.123][37363] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 282 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 277|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] + new: [...278] [ip4][..udp] [.236.155.96.147][47606] -> [..74.111.203.55][..427] + detected: [...278] [ip4][..udp] [.236.155.96.147][47606] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...277] [ip4][..udp] [.246.75.104.115][37519] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 283 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 278|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] + new: [...279] [ip4][..udp] [..45.99.146.146][32910] -> [..90.111.212.50][..427] + detected: [...279] [ip4][..udp] [..45.99.146.146][32910] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...278] [ip4][..udp] [.236.155.96.147][47606] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 284 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 279|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] + new: [...280] [ip4][..udp] [200.180.144.114][52790] -> [.186.112.202.53][..427] + detected: [...280] [ip4][..udp] [200.180.144.114][52790] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...279] [ip4][..udp] [..45.99.146.146][32910] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...281] [ip4][..udp] [134.180.144.149][36409] -> [..69.109.187.54][..427] + detected: [...281] [ip4][..udp] [134.180.144.149][36409] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...280] [ip4][..udp] [200.180.144.114][52790] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...282] [ip4][..udp] [182.180.120.139][60621] -> [.165.114.202.61][..427] + detected: [...282] [ip4][..udp] [182.180.120.139][60621] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...281] [ip4][..udp] [134.180.144.149][36409] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...280] [ip4][..udp] [200.180.144.114][52790] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 287 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 282|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 47] + new: [...283] [ip4][..udp] [..45.99.146.146][60327] -> [..165.144.84.62][..427] + detected: [...283] [ip4][..udp] [..45.99.146.146][60327] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...282] [ip4][..udp] [182.180.120.139][60621] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...284] [ip4][..udp] [200.180.144.114][56239] -> [...90.141.37.56][..427] + detected: [...284] [ip4][..udp] [200.180.144.114][56239] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...283] [ip4][..udp] [..45.99.146.146][60327] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 289 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 284|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 47] + new: [...285] [ip4][..udp] [.236.155.96.147][41408] -> [...85.111.52.57][..427] + detected: [...285] [ip4][..udp] [.236.155.96.147][41408] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...284] [ip4][..udp] [200.180.144.114][56239] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 290 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 285|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 47] + new: [...286] [ip4][..udp] [162.219.248.180][51156] -> [..90.147.171.51][..427] + detected: [...286] [ip4][..udp] [162.219.248.180][51156] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...285] [ip4][..udp] [.236.155.96.147][41408] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 291 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 286|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 47] + new: [...287] [ip4][..udp] [.200.31.144.158][55455] -> [...85.111.52.57][..427] + detected: [...287] [ip4][..udp] [.200.31.144.158][55455] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...286] [ip4][..udp] [162.219.248.180][51156] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...288] [ip4][..udp] [.200.31.144.158][50780] -> [.165.114.202.61][..427] + detected: [...288] [ip4][..udp] [.200.31.144.158][50780] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...287] [ip4][..udp] [.200.31.144.158][55455] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 293 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 288|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 48] + new: [...289] [ip4][..udp] [.200.31.144.158][56478] -> [.186.112.202.53][..427] + detected: [...289] [ip4][..udp] [.200.31.144.158][56478] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...287] [ip4][..udp] [.200.31.144.158][55455] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...288] [ip4][..udp] [.200.31.144.158][50780] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 294 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 289|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 48] + new: [...290] [ip4][..udp] [.200.31.144.158][48895] -> [..165.144.84.62][..427] + detected: [...290] [ip4][..udp] [.200.31.144.158][48895] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...289] [ip4][..udp] [.200.31.144.158][56478] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...291] [ip4][..udp] [.200.31.144.158][37856] -> [..69.109.187.54][..427] + detected: [...291] [ip4][..udp] [.200.31.144.158][37856] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...290] [ip4][..udp] [.200.31.144.158][48895] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...292] [ip4][..udp] [212.154.223.103][55839] -> [...90.141.37.56][..427] + detected: [...292] [ip4][..udp] [212.154.223.103][55839] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...290] [ip4][..udp] [.200.31.144.158][48895] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...291] [ip4][..udp] [.200.31.144.158][37856] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 298 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 292|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 49] + new: [...293] [ip4][..udp] [.75.137.134.242][59307] -> [.165.114.202.61][..427] + detected: [...293] [ip4][..udp] [.75.137.134.242][59307] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...292] [ip4][..udp] [212.154.223.103][55839] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...294] [ip4][..udp] [.200.31.144.158][53742] -> [...90.141.37.56][..427] + detected: [...294] [ip4][..udp] [.200.31.144.158][53742] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...293] [ip4][..udp] [.75.137.134.242][59307] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 300 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 294|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 49] + new: [...295] [ip4][..udp] [.200.31.144.158][33892] -> [..90.147.171.51][..427] + detected: [...295] [ip4][..udp] [.200.31.144.158][33892] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...294] [ip4][..udp] [.200.31.144.158][53742] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...296] [ip4][..udp] [.197.23.155.213][51534] -> [..90.145.180.58][..427] + detected: [...296] [ip4][..udp] [.197.23.155.213][51534] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...295] [ip4][..udp] [.200.31.144.158][33892] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...297] [ip4][..udp] [.200.31.144.158][50776] -> [..90.111.212.50][..427] + detected: [...297] [ip4][..udp] [.200.31.144.158][50776] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...295] [ip4][..udp] [.200.31.144.158][33892] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...296] [ip4][..udp] [.197.23.155.213][51534] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...298] [ip4][..udp] [.200.31.144.158][49681] -> [..90.145.180.58][..427] + detected: [...298] [ip4][..udp] [.200.31.144.158][49681] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...295] [ip4][..udp] [.200.31.144.158][33892] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...296] [ip4][..udp] [.197.23.155.213][51534] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...297] [ip4][..udp] [.200.31.144.158][50776] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...299] [ip4][..udp] [.200.31.144.158][36077] -> [..74.111.203.55][..427] + detected: [...299] [ip4][..udp] [.200.31.144.158][36077] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...296] [ip4][..udp] [.197.23.155.213][51534] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...298] [ip4][..udp] [.200.31.144.158][49681] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...297] [ip4][..udp] [.200.31.144.158][50776] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 305 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 299|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] + new: [...300] [ip4][..udp] [.66.224.226.183][52476] -> [..165.144.84.62][..427] + detected: [...300] [ip4][..udp] [.66.224.226.183][52476] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...299] [ip4][..udp] [.200.31.144.158][36077] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 306 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 300|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] + new: [...301] [ip4][..udp] [..91.33.106.218][59902] -> [..69.109.187.54][..427] + detected: [...301] [ip4][..udp] [..91.33.106.218][59902] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...300] [ip4][..udp] [.66.224.226.183][52476] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 307 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 301|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] + new: [...302] [ip4][..udp] [..206.204.24.90][50356] -> [...85.111.52.57][..427] + detected: [...302] [ip4][..udp] [..206.204.24.90][50356] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...301] [ip4][..udp] [..91.33.106.218][59902] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 308 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 302|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] + new: [...303] [ip4][..udp] [..76.45.103.228][55007] -> [..90.111.212.50][..427] + detected: [...303] [ip4][..udp] [..76.45.103.228][55007] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...302] [ip4][..udp] [..206.204.24.90][50356] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...304] [ip4][..udp] [218.118.131.113][.8622] -> [.186.112.202.53][..427] + detected: [...304] [ip4][..udp] [218.118.131.113][.8622] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...303] [ip4][..udp] [..76.45.103.228][55007] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 310 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 304|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] + new: [...305] [ip4][..udp] [.189.229.250.75][50111] -> [.165.114.202.61][..427] + detected: [...305] [ip4][..udp] [.189.229.250.75][50111] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...304] [ip4][..udp] [218.118.131.113][.8622] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 311 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 305|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] + new: [...306] [ip4][..udp] [165.128.253.116][21256] -> [..69.109.187.54][..427] + detected: [...306] [ip4][..udp] [165.128.253.116][21256] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...305] [ip4][..udp] [.189.229.250.75][50111] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 312 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 306|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] + new: [...307] [ip4][..udp] [..94.230.158.79][55750] -> [..74.111.203.55][..427] + detected: [...307] [ip4][..udp] [..94.230.158.79][55750] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...306] [ip4][..udp] [165.128.253.116][21256] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...308] [ip4][..udp] [..35.252.69.113][37602] -> [..90.145.180.58][..427] + detected: [...308] [ip4][..udp] [..35.252.69.113][37602] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...307] [ip4][..udp] [..94.230.158.79][55750] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 314 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 308|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] + new: [...309] [ip4][..udp] [152.255.170.124][46606] -> [..90.147.171.51][..427] + detected: [...309] [ip4][..udp] [152.255.170.124][46606] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...308] [ip4][..udp] [..35.252.69.113][37602] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 315 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 309|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] + new: [...310] [ip4][..udp] [..67.159.16.150][54818] -> [.165.114.202.61][..427] + detected: [...310] [ip4][..udp] [..67.159.16.150][54818] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...309] [ip4][..udp] [152.255.170.124][46606] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 316 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 310|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] + new: [...311] [ip4][..udp] [...93.26.159.17][57065] -> [.186.112.202.53][..427] + detected: [...311] [ip4][..udp] [...93.26.159.17][57065] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...310] [ip4][..udp] [..67.159.16.150][54818] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 317 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 311|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] + new: [...312] [ip4][..udp] [.217.31.231.255][49891] -> [...90.141.37.56][..427] + detected: [...312] [ip4][..udp] [.217.31.231.255][49891] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...311] [ip4][..udp] [...93.26.159.17][57065] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 318 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 312|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] + new: [...313] [ip4][..udp] [..67.159.16.150][12620] -> [..165.144.84.62][..427] + detected: [...313] [ip4][..udp] [..67.159.16.150][12620] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...312] [ip4][..udp] [.217.31.231.255][49891] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 319 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 313|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] + new: [...314] [ip4][..udp] [.91.255.107.116][12480] -> [...85.111.52.57][..427] + detected: [...314] [ip4][..udp] [.91.255.107.116][12480] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...313] [ip4][..udp] [..67.159.16.150][12620] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...315] [ip4][..udp] [175.239.255.217][53820] -> [..69.109.187.54][..427] + detected: [...315] [ip4][..udp] [175.239.255.217][53820] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...314] [ip4][..udp] [.91.255.107.116][12480] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 321 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 315|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] + new: [...316] [ip4][..udp] [..67.159.16.150][53644] -> [..90.145.180.58][..427] + detected: [...316] [ip4][..udp] [..67.159.16.150][53644] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...315] [ip4][..udp] [175.239.255.217][53820] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 322 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 316|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] + new: [...317] [ip4][..udp] [..7.110.179.205][58317] -> [..165.144.84.62][..427] + detected: [...317] [ip4][..udp] [..7.110.179.205][58317] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...316] [ip4][..udp] [..67.159.16.150][53644] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 323 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 317|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] + new: [...318] [ip4][..udp] [201.237.135.210][37975] -> [.165.114.202.61][..427] + detected: [...318] [ip4][..udp] [201.237.135.210][37975] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...317] [ip4][..udp] [..7.110.179.205][58317] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...319] [ip4][..udp] [.57.162.128.234][63808] -> [...85.111.52.57][..427] + detected: [...319] [ip4][..udp] [.57.162.128.234][63808] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...318] [ip4][..udp] [201.237.135.210][37975] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 325 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 319|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] + new: [...320] [ip4][..udp] [..120.46.80.212][60012] -> [..74.111.203.55][..427] + detected: [...320] [ip4][..udp] [..120.46.80.212][60012] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...319] [ip4][..udp] [.57.162.128.234][63808] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...318] [ip4][..udp] [201.237.135.210][37975] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 326 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 320|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] + new: [...321] [ip4][..udp] [.57.162.128.234][48188] -> [..69.109.187.54][..427] + detected: [...321] [ip4][..udp] [.57.162.128.234][48188] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...320] [ip4][..udp] [..120.46.80.212][60012] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...322] [ip4][..udp] [.57.162.128.234][19665] -> [...90.141.37.56][..427] + detected: [...322] [ip4][..udp] [.57.162.128.234][19665] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...321] [ip4][..udp] [.57.162.128.234][48188] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 328 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 322|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] + new: [...323] [ip4][..udp] [201.237.135.210][.6545] -> [..90.145.180.58][..427] + detected: [...323] [ip4][..udp] [201.237.135.210][.6545] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...322] [ip4][..udp] [.57.162.128.234][19665] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...324] [ip4][..udp] [.247.93.183.197][10997] -> [..90.147.171.51][..427] + detected: [...324] [ip4][..udp] [.247.93.183.197][10997] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...325] [ip4][..udp] [.247.93.183.197][.8213] -> [.186.112.202.53][..427] + detected: [...325] [ip4][..udp] [.247.93.183.197][.8213] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...323] [ip4][..udp] [201.237.135.210][.6545] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 331 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 325|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] + new: [...326] [ip4][..udp] [....37.97.4.125][16072] -> [...90.141.37.56][..427] + detected: [...326] [ip4][..udp] [....37.97.4.125][16072] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...325] [ip4][..udp] [.247.93.183.197][.8213] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...324] [ip4][..udp] [.247.93.183.197][10997] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 332 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 326|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] + new: [...327] [ip4][..udp] [.246.75.104.115][34761] -> [...85.111.52.57][..427] + detected: [...327] [ip4][..udp] [.246.75.104.115][34761] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...326] [ip4][..udp] [....37.97.4.125][16072] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 333 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 327|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] + new: [...328] [ip4][..udp] [182.180.120.139][51620] -> [...90.141.37.56][..427] + detected: [...328] [ip4][..udp] [182.180.120.139][51620] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...327] [ip4][..udp] [.246.75.104.115][34761] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 334 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 328|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] + new: [...329] [ip4][..udp] [..19.99.146.156][41843] -> [..90.145.180.58][..427] + detected: [...329] [ip4][..udp] [..19.99.146.156][41843] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...328] [ip4][..udp] [182.180.120.139][51620] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...330] [ip4][..udp] [.98.103.253.115][29266] -> [..90.111.212.50][..427] + detected: [...330] [ip4][..udp] [.98.103.253.115][29266] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 336 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 330|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] + new: [...331] [ip4][..udp] [200.180.144.114][34997] -> [..90.111.212.50][..427] + detected: [...331] [ip4][..udp] [200.180.144.114][34997] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...329] [ip4][..udp] [..19.99.146.156][41843] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...330] [ip4][..udp] [.98.103.253.115][29266] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 337 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 331|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] + new: [...332] [ip4][..udp] [200.180.144.114][32881] -> [..90.147.171.51][..427] + detected: [...332] [ip4][..udp] [200.180.144.114][32881] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...331] [ip4][..udp] [200.180.144.114][34997] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 338 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 332|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] + new: [...333] [ip4][..udp] [200.180.144.114][36679] -> [..165.144.84.62][..427] + detected: [...333] [ip4][..udp] [200.180.144.114][36679] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...332] [ip4][..udp] [200.180.144.114][32881] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 339 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 333|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] + new: [...334] [ip4][..udp] [.19.156.188.155][50741] -> [.186.112.202.53][..427] + detected: [...334] [ip4][..udp] [.19.156.188.155][50741] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...333] [ip4][..udp] [200.180.144.114][36679] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 340 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 334|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] + new: [...335] [ip4][..udp] [134.180.144.149][52293] -> [..69.109.187.54][..427] + detected: [...335] [ip4][..udp] [134.180.144.149][52293] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...334] [ip4][..udp] [.19.156.188.155][50741] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...336] [ip4][..udp] [200.180.144.114][57184] -> [..74.111.203.55][..427] + detected: [...336] [ip4][..udp] [200.180.144.114][57184] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...335] [ip4][..udp] [134.180.144.149][52293] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 342 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 336|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] + new: [...337] [ip4][..udp] [..46.100.97.147][54751] -> [.165.114.202.61][..427] + detected: [...337] [ip4][..udp] [..46.100.97.147][54751] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...336] [ip4][..udp] [200.180.144.114][57184] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 343 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 337|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] + new: [...338] [ip4][..udp] [..199.17.16.175][58914] -> [..90.147.171.51][..427] + detected: [...338] [ip4][..udp] [..199.17.16.175][58914] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...337] [ip4][..udp] [..46.100.97.147][54751] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...339] [ip4][..udp] [..199.17.16.175][58914] -> [.165.114.202.61][..427] + detected: [...339] [ip4][..udp] [..199.17.16.175][58914] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...340] [ip4][..udp] [..199.17.16.175][58914] -> [..69.109.187.54][..427] + detected: [...340] [ip4][..udp] [..199.17.16.175][58914] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...341] [ip4][..udp] [..199.17.16.175][58914] -> [.186.112.202.53][..427] + detected: [...341] [ip4][..udp] [..199.17.16.175][58914] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...342] [ip4][..udp] [..199.17.16.175][58914] -> [..90.111.212.50][..427] + detected: [...342] [ip4][..udp] [..199.17.16.175][58914] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...339] [ip4][..udp] [..199.17.16.175][58914] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...338] [ip4][..udp] [..199.17.16.175][58914] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 348 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 5 / 342|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] + new: [...343] [ip4][..udp] [..198.215.2.104][55462] -> [.165.114.202.61][..427] + detected: [...343] [ip4][..udp] [..198.215.2.104][55462] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...342] [ip4][..udp] [..199.17.16.175][58914] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...341] [ip4][..udp] [..199.17.16.175][58914] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...339] [ip4][..udp] [..199.17.16.175][58914] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...338] [ip4][..udp] [..199.17.16.175][58914] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...340] [ip4][..udp] [..199.17.16.175][58914] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...344] [ip4][..udp] [.27.134.169.220][54219] -> [.165.114.202.61][..427] + detected: [...344] [ip4][..udp] [.27.134.169.220][54219] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...343] [ip4][..udp] [..198.215.2.104][55462] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 350 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 344|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] + new: [...345] [ip4][..udp] [....80.16.56.40][49864] -> [..74.111.203.55][..427] + detected: [...345] [ip4][..udp] [....80.16.56.40][49864] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...344] [ip4][..udp] [.27.134.169.220][54219] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 351 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 345|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] + new: [...346] [ip4][..udp] [206.240.152.225][52955] -> [..90.145.180.58][..427] + detected: [...346] [ip4][..udp] [206.240.152.225][52955] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...345] [ip4][..udp] [....80.16.56.40][49864] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 352 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 346|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] + new: [...347] [ip4][..udp] [.172.206.191.39][55684] -> [..165.144.84.62][..427] + detected: [...347] [ip4][..udp] [.172.206.191.39][55684] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...346] [ip4][..udp] [206.240.152.225][52955] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 353 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 347|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] + new: [...348] [ip4][..udp] [..175.206.31.84][52553] -> [..69.109.187.54][..427] + detected: [...348] [ip4][..udp] [..175.206.31.84][52553] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...347] [ip4][..udp] [.172.206.191.39][55684] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 354 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 348|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] + new: [...349] [ip4][..udp] [...80.51.127.74][54217] -> [...85.111.52.57][..427] + detected: [...349] [ip4][..udp] [...80.51.127.74][54217] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...348] [ip4][..udp] [..175.206.31.84][52553] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 355 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 349|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] + new: [...350] [ip4][..udp] [...198.23.89.28][51231] -> [.186.112.202.53][..427] + detected: [...350] [ip4][..udp] [...198.23.89.28][51231] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...349] [ip4][..udp] [...80.51.127.74][54217] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 356 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 350|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] + new: [...351] [ip4][..udp] [...98.137.3.114][25821] -> [..74.111.203.55][..427] + detected: [...351] [ip4][..udp] [...98.137.3.114][25821] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...350] [ip4][..udp] [...198.23.89.28][51231] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...352] [ip4][..udp] [219.160.101.209][10322] -> [.186.112.202.53][..427] + detected: [...352] [ip4][..udp] [219.160.101.209][10322] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...351] [ip4][..udp] [...98.137.3.114][25821] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 358 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 352|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] + new: [...353] [ip4][..udp] [161.231.128.245][50837] -> [...90.141.37.56][..427] + detected: [...353] [ip4][..udp] [161.231.128.245][50837] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...352] [ip4][..udp] [219.160.101.209][10322] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 359 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 353|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] + new: [...354] [ip4][..udp] [..166.191.37.51][27637] -> [.165.114.202.61][..427] + detected: [...354] [ip4][..udp] [..166.191.37.51][27637] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...355] [ip4][..udp] [...70.63.213.48][64393] -> [..90.147.171.51][..427] + detected: [...355] [ip4][..udp] [...70.63.213.48][64393] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...353] [ip4][..udp] [161.231.128.245][50837] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 361 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 355|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] + new: [...356] [ip4][..udp] [..89.198.219.40][13087] -> [..69.109.187.54][..427] + detected: [...356] [ip4][..udp] [..89.198.219.40][13087] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...355] [ip4][..udp] [...70.63.213.48][64393] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...354] [ip4][..udp] [..166.191.37.51][27637] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...357] [ip4][..udp] [..190.65.219.43][.9161] -> [..90.111.212.50][..427] + detected: [...357] [ip4][..udp] [..190.65.219.43][.9161] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...356] [ip4][..udp] [..89.198.219.40][13087] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...358] [ip4][..udp] [.191.198.219.36][43241] -> [...85.111.52.57][..427] + detected: [...358] [ip4][..udp] [.191.198.219.36][43241] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...357] [ip4][..udp] [..190.65.219.43][.9161] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...359] [ip4][..udp] [..166.191.37.51][27637] -> [.186.112.202.53][..427] + detected: [...359] [ip4][..udp] [..166.191.37.51][27637] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 365 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 3 / 359|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 58] + new: [...360] [ip4][..udp] [...94.70.203.49][.9065] -> [..74.111.203.55][..427] + detected: [...360] [ip4][..udp] [...94.70.203.49][.9065] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...358] [ip4][..udp] [.191.198.219.36][43241] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...359] [ip4][..udp] [..166.191.37.51][27637] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...357] [ip4][..udp] [..190.65.219.43][.9161] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...361] [ip4][..udp] [..166.191.37.51][27637] -> [..165.144.84.62][..427] + detected: [...361] [ip4][..udp] [..166.191.37.51][27637] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...362] [ip4][..udp] [...166.65.42.37][37412] -> [...90.141.37.56][..427] + detected: [...362] [ip4][..udp] [...166.65.42.37][37412] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...360] [ip4][..udp] [...94.70.203.49][.9065] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...363] [ip4][..udp] [...185.211.4.13][55127] -> [..90.111.212.50][..427] + detected: [...363] [ip4][..udp] [...185.211.4.13][55127] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...362] [ip4][..udp] [...166.65.42.37][37412] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...361] [ip4][..udp] [..166.191.37.51][27637] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 369 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 3 / 363|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] + new: [...364] [ip4][..udp] [.100.56.155.112][12751] -> [...90.141.37.56][..427] + detected: [...364] [ip4][..udp] [.100.56.155.112][12751] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...362] [ip4][..udp] [...166.65.42.37][37412] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...363] [ip4][..udp] [...185.211.4.13][55127] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...361] [ip4][..udp] [..166.191.37.51][27637] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 370 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 364|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] + new: [...365] [ip4][..udp] [.227.199.90.122][44046] -> [..90.111.212.50][..427] + detected: [...365] [ip4][..udp] [.227.199.90.122][44046] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...364] [ip4][..udp] [.100.56.155.112][12751] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 371 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 365|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] + new: [...366] [ip4][..udp] [200.180.144.114][47863] -> [..90.147.171.51][..427] + detected: [...366] [ip4][..udp] [200.180.144.114][47863] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...365] [ip4][..udp] [.227.199.90.122][44046] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 372 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 366|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] + new: [...367] [ip4][..udp] [..19.99.146.156][32952] -> [..74.111.203.55][..427] + detected: [...367] [ip4][..udp] [..19.99.146.156][32952] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...366] [ip4][..udp] [200.180.144.114][47863] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 373 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 367|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] + new: [...368] [ip4][..udp] [209.124.163.157][55599] -> [..69.109.187.54][..427] + detected: [...368] [ip4][..udp] [209.124.163.157][55599] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...367] [ip4][..udp] [..19.99.146.156][32952] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 374 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 368|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] + new: [...369] [ip4][..udp] [.227.134.81.212][54859] -> [..90.145.180.58][..427] + detected: [...369] [ip4][..udp] [.227.134.81.212][54859] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...368] [ip4][..udp] [209.124.163.157][55599] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 375 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 369|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] + new: [...370] [ip4][..udp] [.45.131.161.152][49844] -> [.186.112.202.53][..427] + detected: [...370] [ip4][..udp] [.45.131.161.152][49844] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...369] [ip4][..udp] [.227.134.81.212][54859] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...371] [ip4][..udp] [134.180.144.149][49951] -> [..90.145.180.58][..427] + detected: [...371] [ip4][..udp] [134.180.144.149][49951] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...370] [ip4][..udp] [.45.131.161.152][49844] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 377 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 371|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] + new: [...372] [ip4][..udp] [184.180.168.240][42561] -> [...85.111.52.57][..427] + detected: [...372] [ip4][..udp] [184.180.168.240][42561] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...371] [ip4][..udp] [134.180.144.149][49951] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...373] [ip4][..udp] [210.124.156.149][41895] -> [..165.144.84.62][..427] + detected: [...373] [ip4][..udp] [210.124.156.149][41895] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...372] [ip4][..udp] [184.180.168.240][42561] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 379 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 373|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] + new: [...374] [ip4][..udp] [182.180.120.139][45313] -> [.165.114.202.61][..427] + detected: [...374] [ip4][..udp] [182.180.120.139][45313] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...373] [ip4][..udp] [210.124.156.149][41895] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...375] [ip4][..udp] [208.123.176.154][58457] -> [...90.141.37.56][..427] + detected: [...375] [ip4][..udp] [208.123.176.154][58457] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...374] [ip4][..udp] [182.180.120.139][45313] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 381 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 375|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] + new: [...376] [ip4][..udp] [.27.134.169.220][38445] -> [...85.111.52.57][..427] + detected: [...376] [ip4][..udp] [.27.134.169.220][38445] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...375] [ip4][..udp] [208.123.176.154][58457] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...377] [ip4][..udp] [239.100.141.153][47597] -> [..74.111.203.55][..427] + detected: [...377] [ip4][..udp] [239.100.141.153][47597] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...376] [ip4][..udp] [.27.134.169.220][38445] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 383 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 377|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] + new: [...378] [ip4][..udp] [157.121.130.117][.7470] -> [..165.144.84.62][..427] + detected: [...378] [ip4][..udp] [157.121.130.117][.7470] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...377] [ip4][..udp] [239.100.141.153][47597] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 384 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 378|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] + new: [...379] [ip4][..udp] [.36.231.109.217][49319] -> [..90.111.212.50][..427] + detected: [...379] [ip4][..udp] [.36.231.109.217][49319] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...378] [ip4][..udp] [157.121.130.117][.7470] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 385 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 379|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] + new: [...380] [ip4][..udp] [...209.44.167.7][53096] -> [..90.111.212.50][..427] + detected: [...380] [ip4][..udp] [...209.44.167.7][53096] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...379] [ip4][..udp] [.36.231.109.217][49319] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...381] [ip4][..udp] [..99.199.77.211][45829] -> [..165.144.84.62][..427] + detected: [...381] [ip4][..udp] [..99.199.77.211][45829] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...380] [ip4][..udp] [...209.44.167.7][53096] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 387 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 381|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 61] + new: [...382] [ip4][..udp] [.215.48.253.201][44733] -> [...85.111.52.57][..427] + detected: [...382] [ip4][..udp] [.215.48.253.201][44733] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...381] [ip4][..udp] [..99.199.77.211][45829] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...380] [ip4][..udp] [...209.44.167.7][53096] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...383] [ip4][..udp] [.215.48.253.201][56846] -> [..74.111.203.55][..427] + detected: [...383] [ip4][..udp] [.215.48.253.201][56846] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...384] [ip4][..udp] [.215.48.253.201][50630] -> [...90.141.37.56][..427] + detected: [...384] [ip4][..udp] [.215.48.253.201][50630] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...382] [ip4][..udp] [.215.48.253.201][44733] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...385] [ip4][..udp] [.215.48.253.201][42457] -> [..90.147.171.51][..427] + detected: [...385] [ip4][..udp] [.215.48.253.201][42457] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...386] [ip4][..udp] [.215.48.253.201][39194] -> [..69.109.187.54][..427] + detected: [...386] [ip4][..udp] [.215.48.253.201][39194] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...387] [ip4][..udp] [.215.48.253.201][46653] -> [..90.145.180.58][..427] + detected: [...387] [ip4][..udp] [.215.48.253.201][46653] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...383] [ip4][..udp] [.215.48.253.201][56846] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...388] [ip4][..udp] [.215.48.253.201][44352] -> [..165.144.84.62][..427] + detected: [...388] [ip4][..udp] [.215.48.253.201][44352] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...382] [ip4][..udp] [.215.48.253.201][44733] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...384] [ip4][..udp] [.215.48.253.201][50630] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...389] [ip4][..udp] [.215.48.253.201][53506] -> [.165.114.202.61][..427] + detected: [...389] [ip4][..udp] [.215.48.253.201][53506] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...388] [ip4][..udp] [.215.48.253.201][44352] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...382] [ip4][..udp] [.215.48.253.201][44733] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...386] [ip4][..udp] [.215.48.253.201][39194] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...387] [ip4][..udp] [.215.48.253.201][46653] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...385] [ip4][..udp] [.215.48.253.201][42457] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...384] [ip4][..udp] [.215.48.253.201][50630] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...383] [ip4][..udp] [.215.48.253.201][56846] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...390] [ip4][..udp] [.215.48.253.201][49672] -> [.186.112.202.53][..427] + detected: [...390] [ip4][..udp] [.215.48.253.201][49672] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...382] [ip4][..udp] [.215.48.253.201][44733] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...383] [ip4][..udp] [.215.48.253.201][56846] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...388] [ip4][..udp] [.215.48.253.201][44352] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...386] [ip4][..udp] [.215.48.253.201][39194] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...387] [ip4][..udp] [.215.48.253.201][46653] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...385] [ip4][..udp] [.215.48.253.201][42457] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...384] [ip4][..udp] [.215.48.253.201][50630] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...389] [ip4][..udp] [.215.48.253.201][53506] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 396 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 7 / 390|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 78] + new: [...391] [ip4][..udp] [..44.242.231.77][50261] -> [.186.112.202.53][..427] + detected: [...391] [ip4][..udp] [..44.242.231.77][50261] -> [.186.112.202.53][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...388] [ip4][..udp] [.215.48.253.201][44352] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...386] [ip4][..udp] [.215.48.253.201][39194] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...387] [ip4][..udp] [.215.48.253.201][46653] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...385] [ip4][..udp] [.215.48.253.201][42457] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...390] [ip4][..udp] [.215.48.253.201][49672] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...384] [ip4][..udp] [.215.48.253.201][50630] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...389] [ip4][..udp] [.215.48.253.201][53506] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...392] [ip4][..udp] [..37.234.100.32][56813] -> [..90.145.180.58][..427] + detected: [...392] [ip4][..udp] [..37.234.100.32][56813] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...391] [ip4][..udp] [..44.242.231.77][50261] -> [.186.112.202.53][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 398 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 392|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 78] + new: [...393] [ip4][..udp] [.27.134.169.220][44054] -> [...90.141.37.56][..427] + detected: [...393] [ip4][..udp] [.27.134.169.220][44054] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...392] [ip4][..udp] [..37.234.100.32][56813] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 399 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 393|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 78] + new: [...394] [ip4][..udp] [..67.159.16.150][46249] -> [..74.111.203.55][..427] + detected: [...394] [ip4][..udp] [..67.159.16.150][46249] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...393] [ip4][..udp] [.27.134.169.220][44054] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 400 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 394|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 78] + new: [...395] [ip4][..udp] [.27.134.169.220][64251] -> [..74.111.203.55][..427] + detected: [...395] [ip4][..udp] [.27.134.169.220][64251] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...394] [ip4][..udp] [..67.159.16.150][46249] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...396] [ip4][..udp] [....88.71.42.58][15464] -> [..165.144.84.62][..427] + detected: [...396] [ip4][..udp] [....88.71.42.58][15464] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...395] [ip4][..udp] [.27.134.169.220][64251] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 402 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 396|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 78] + new: [...397] [ip4][..udp] [..191.62.219.57][29227] -> [.186.112.202.53][..427] + detected: [...397] [ip4][..udp] [..191.62.219.57][29227] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...396] [ip4][..udp] [....88.71.42.58][15464] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...398] [ip4][..udp] [...190.71.42.54][47364] -> [..69.109.187.54][..427] + detected: [...398] [ip4][..udp] [...190.71.42.54][47364] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...397] [ip4][..udp] [..191.62.219.57][29227] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 404 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 398|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 78] + new: [...399] [ip4][..udp] [..166.62.197.60][35606] -> [.165.114.202.61][..427] + detected: [...399] [ip4][..udp] [..166.62.197.60][35606] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...398] [ip4][..udp] [...190.71.42.54][47364] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...400] [ip4][..udp] [..191.62.219.57][18685] -> [..90.111.212.50][..427] + detected: [...400] [ip4][..udp] [..191.62.219.57][18685] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...399] [ip4][..udp] [..166.62.197.60][35606] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 406 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 400|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 78] + new: [...401] [ip4][..udp] [...88.70.212.56][65013] -> [...85.111.52.57][..427] + detected: [...401] [ip4][..udp] [...88.70.212.56][65013] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...400] [ip4][..udp] [..191.62.219.57][18685] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...402] [ip4][..udp] [..184.199.42.59][42047] -> [...90.141.37.56][..427] + detected: [...402] [ip4][..udp] [..184.199.42.59][42047] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...401] [ip4][..udp] [...88.70.212.56][65013] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...403] [ip4][..udp] [..161.199.58.19][64864] -> [..90.147.171.51][..427] + detected: [...403] [ip4][..udp] [..161.199.58.19][64864] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...402] [ip4][..udp] [..184.199.42.59][42047] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...401] [ip4][..udp] [...88.70.212.56][65013] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 409 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 403|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 79] + new: [...404] [ip4][..udp] [..161.62.218.52][37093] -> [..74.111.203.55][..427] + detected: [...404] [ip4][..udp] [..161.62.218.52][37093] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...403] [ip4][..udp] [..161.199.58.19][64864] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 410 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 404|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 79] + new: [...405] [ip4][..udp] [.194.43.223.106][55142] -> [.165.114.202.61][..427] + detected: [...405] [ip4][..udp] [.194.43.223.106][55142] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...404] [ip4][..udp] [..161.62.218.52][37093] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 411 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 405|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 79] + new: [...406] [ip4][..udp] [226.158.252.127][33255] -> [...85.111.52.57][..427] + detected: [...406] [ip4][..udp] [226.158.252.127][33255] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...405] [ip4][..udp] [.194.43.223.106][55142] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 412 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 406|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 79] + new: [...407] [ip4][..udp] [.200.31.144.158][36149] -> [.186.112.202.53][..427] + detected: [...407] [ip4][..udp] [.200.31.144.158][36149] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...406] [ip4][..udp] [226.158.252.127][33255] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 413 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 407|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 79] + new: [...408] [ip4][..udp] [.200.31.144.158][45294] -> [.165.114.202.61][..427] + detected: [...408] [ip4][..udp] [.200.31.144.158][45294] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...407] [ip4][..udp] [.200.31.144.158][36149] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...409] [ip4][..udp] [.200.31.144.158][45056] -> [..90.145.180.58][..427] + detected: [...409] [ip4][..udp] [.200.31.144.158][45056] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...408] [ip4][..udp] [.200.31.144.158][45294] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...410] [ip4][..udp] [.93.102.124.112][10968] -> [..90.147.171.51][..427] + detected: [...410] [ip4][..udp] [.93.102.124.112][10968] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...409] [ip4][..udp] [.200.31.144.158][45056] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 416 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 410|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 80] + new: [...411] [ip4][..udp] [.200.31.144.158][54431] -> [...90.141.37.56][..427] + detected: [...411] [ip4][..udp] [.200.31.144.158][54431] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...409] [ip4][..udp] [.200.31.144.158][45056] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...410] [ip4][..udp] [.93.102.124.112][10968] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...412] [ip4][..udp] [.200.31.144.158][59262] -> [..90.147.171.51][..427] + detected: [...412] [ip4][..udp] [.200.31.144.158][59262] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...411] [ip4][..udp] [.200.31.144.158][54431] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...413] [ip4][..udp] [.200.31.144.158][51675] -> [..69.109.187.54][..427] + detected: [...413] [ip4][..udp] [.200.31.144.158][51675] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...412] [ip4][..udp] [.200.31.144.158][59262] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 419 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 413|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...414] [ip4][..udp] [.174.237.64.176][49218] -> [...90.141.37.56][..427] + detected: [...414] [ip4][..udp] [.174.237.64.176][49218] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...413] [ip4][..udp] [.200.31.144.158][51675] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...412] [ip4][..udp] [.200.31.144.158][59262] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...415] [ip4][..udp] [.200.31.144.158][57345] -> [..165.144.84.62][..427] + detected: [...415] [ip4][..udp] [.200.31.144.158][57345] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...414] [ip4][..udp] [.174.237.64.176][49218] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...416] [ip4][..udp] [.200.31.144.158][57245] -> [...85.111.52.57][..427] + detected: [...416] [ip4][..udp] [.200.31.144.158][57245] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 422 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 416|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...417] [ip4][..udp] [193.219.252.221][51650] -> [..90.147.171.51][..427] + detected: [...417] [ip4][..udp] [193.219.252.221][51650] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...416] [ip4][..udp] [.200.31.144.158][57245] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...415] [ip4][..udp] [.200.31.144.158][57345] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 423 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 417|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...418] [ip4][..udp] [.200.31.144.158][41180] -> [..74.111.203.55][..427] + detected: [...418] [ip4][..udp] [.200.31.144.158][41180] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...417] [ip4][..udp] [193.219.252.221][51650] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 424 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 418|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...419] [ip4][..udp] [.200.31.144.158][40785] -> [..90.111.212.50][..427] + detected: [...419] [ip4][..udp] [.200.31.144.158][40785] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...418] [ip4][..udp] [.200.31.144.158][41180] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 425 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 419|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...420] [ip4][..udp] [..174.18.32.224][53272] -> [..74.111.203.55][..427] + detected: [...420] [ip4][..udp] [..174.18.32.224][53272] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...419] [ip4][..udp] [.200.31.144.158][40785] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...421] [ip4][..udp] [237.132.176.136][59095] -> [..69.109.187.54][..427] + detected: [...421] [ip4][..udp] [237.132.176.136][59095] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...420] [ip4][..udp] [..174.18.32.224][53272] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 427 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 421|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...422] [ip4][..udp] [...37.36.31.210][53791] -> [..165.144.84.62][..427] + detected: [...422] [ip4][..udp] [...37.36.31.210][53791] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...421] [ip4][..udp] [237.132.176.136][59095] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 428 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 422|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...423] [ip4][..udp] [.91.255.107.116][34976] -> [...85.111.52.57][..427] + detected: [...423] [ip4][..udp] [.91.255.107.116][34976] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...422] [ip4][..udp] [...37.36.31.210][53791] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 429 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 423|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...424] [ip4][..udp] [....47.51.0.222][53190] -> [..69.109.187.54][..427] + detected: [...424] [ip4][..udp] [....47.51.0.222][53190] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...423] [ip4][..udp] [.91.255.107.116][34976] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 430 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 424|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...425] [ip4][..udp] [.238.156.97.151][35769] -> [..74.111.203.55][..427] + detected: [...425] [ip4][..udp] [.238.156.97.151][35769] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...424] [ip4][..udp] [....47.51.0.222][53190] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...426] [ip4][..udp] [134.180.144.149][33745] -> [...85.111.52.57][..427] + detected: [...426] [ip4][..udp] [134.180.144.149][33745] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...425] [ip4][..udp] [.238.156.97.151][35769] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 432 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 426|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...427] [ip4][..udp] [.246.75.104.115][37012] -> [..90.147.171.51][..427] + detected: [...427] [ip4][..udp] [.246.75.104.115][37012] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...426] [ip4][..udp] [134.180.144.149][33745] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 433 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 427|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...428] [ip4][..udp] [.70.180.111.241][54319] -> [.165.114.202.61][..427] + detected: [...428] [ip4][..udp] [.70.180.111.241][54319] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...427] [ip4][..udp] [.246.75.104.115][37012] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 434 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 428|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...429] [ip4][..udp] [..19.99.146.156][59479] -> [..90.111.212.50][..427] + detected: [...429] [ip4][..udp] [..19.99.146.156][59479] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...428] [ip4][..udp] [.70.180.111.241][54319] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...430] [ip4][..udp] [.246.75.104.115][46227] -> [..90.145.180.58][..427] + detected: [...430] [ip4][..udp] [.246.75.104.115][46227] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...431] [ip4][..udp] [..227.7.178.223][16085] -> [..74.111.203.55][..427] + detected: [...431] [ip4][..udp] [..227.7.178.223][16085] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...430] [ip4][..udp] [.246.75.104.115][46227] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...429] [ip4][..udp] [..19.99.146.156][59479] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 437 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 431|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...432] [ip4][..udp] [.246.75.104.115][37571] -> [...90.141.37.56][..427] + detected: [...432] [ip4][..udp] [.246.75.104.115][37571] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...431] [ip4][..udp] [..227.7.178.223][16085] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 438 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 432|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...433] [ip4][..udp] [.70.180.111.241][52184] -> [..69.109.187.54][..427] + detected: [...433] [ip4][..udp] [.70.180.111.241][52184] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...432] [ip4][..udp] [.246.75.104.115][37571] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 439 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 433|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...434] [ip4][..udp] [.246.75.104.115][40378] -> [..165.144.84.62][..427] + detected: [...434] [ip4][..udp] [.246.75.104.115][40378] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...433] [ip4][..udp] [.70.180.111.241][52184] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 440 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 434|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...435] [ip4][..udp] [.138.18.252.120][11561] -> [.165.114.202.61][..427] + detected: [...435] [ip4][..udp] [.138.18.252.120][11561] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...434] [ip4][..udp] [.246.75.104.115][40378] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 441 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 435|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...436] [ip4][..udp] [219.160.101.209][55022] -> [...90.141.37.56][..427] + detected: [...436] [ip4][..udp] [219.160.101.209][55022] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...435] [ip4][..udp] [.138.18.252.120][11561] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 442 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 436|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...437] [ip4][..udp] [..66.228.166.55][51471] -> [..69.109.187.54][..427] + detected: [...437] [ip4][..udp] [..66.228.166.55][51471] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...436] [ip4][..udp] [219.160.101.209][55022] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 443 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 437|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...438] [ip4][..udp] [172.237.152.209][53093] -> [..90.147.171.51][..427] + detected: [...438] [ip4][..udp] [172.237.152.209][53093] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...437] [ip4][..udp] [..66.228.166.55][51471] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 444 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 438|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...439] [ip4][..udp] [...82.19.88.220][49990] -> [.186.112.202.53][..427] + detected: [...439] [ip4][..udp] [...82.19.88.220][49990] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...438] [ip4][..udp] [172.237.152.209][53093] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 445 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 439|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...440] [ip4][..udp] [..167.7.154.125][.2538] -> [...90.141.37.56][..427] + detected: [...440] [ip4][..udp] [..167.7.154.125][.2538] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...439] [ip4][..udp] [...82.19.88.220][49990] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 446 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 440|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...441] [ip4][..udp] [..206.204.24.90][54057] -> [..90.111.212.50][..427] + detected: [...441] [ip4][..udp] [..206.204.24.90][54057] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...440] [ip4][..udp] [..167.7.154.125][.2538] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 447 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 441|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...442] [ip4][..udp] [..185.33.65.208][52802] -> [..74.111.203.55][..427] + detected: [...442] [ip4][..udp] [..185.33.65.208][52802] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...441] [ip4][..udp] [..206.204.24.90][54057] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 448 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 442|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...443] [ip4][..udp] [..35.252.69.113][28374] -> [.186.112.202.53][..427] + detected: [...443] [ip4][..udp] [..35.252.69.113][28374] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...442] [ip4][..udp] [..185.33.65.208][52802] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 449 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 443|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...444] [ip4][..udp] [.47.236.248.231][52985] -> [...90.141.37.56][..427] + detected: [...444] [ip4][..udp] [.47.236.248.231][52985] -> [...90.141.37.56][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...443] [ip4][..udp] [..35.252.69.113][28374] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 450 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 444|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] + new: [...445] [ip4][..udp] [.173.161.10.173][43924] -> [..90.111.212.50][..427] + detected: [...445] [ip4][..udp] [.173.161.10.173][43924] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...444] [ip4][..udp] [.47.236.248.231][52985] -> [...90.141.37.56][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...446] [ip4][..udp] [185.213.154.138][52528] -> [.165.114.202.61][..427] + detected: [...446] [ip4][..udp] [185.213.154.138][52528] -> [.165.114.202.61][..427] [Service_Location_Protocol][Mullvad][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...445] [ip4][..udp] [.173.161.10.173][43924] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...447] [ip4][..udp] [..191.184.52.78][64609] -> [..90.111.212.50][..427] + detected: [...447] [ip4][..udp] [..191.184.52.78][64609] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...445] [ip4][..udp] [.173.161.10.173][43924] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...446] [ip4][..udp] [185.213.154.138][52528] -> [.165.114.202.61][..427] [Service_Location_Protocol][Mullvad][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 453 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 447|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 82] + new: [...448] [ip4][..udp] [..167.65.212.80][.3597] -> [..165.144.84.62][..427] + detected: [...448] [ip4][..udp] [..167.65.212.80][.3597] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...447] [ip4][..udp] [..191.184.52.78][64609] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...449] [ip4][..udp] [..185.62.196.74][50485] -> [.165.114.202.61][..427] + detected: [...449] [ip4][..udp] [..185.62.196.74][50485] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...448] [ip4][..udp] [..167.65.212.80][.3597] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 455 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 449|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 82] + new: [...450] [ip4][..udp] [..167.65.212.80][.8856] -> [..90.145.180.58][..427] + detected: [...450] [ip4][..udp] [..167.65.212.80][.8856] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...449] [ip4][..udp] [..185.62.196.74][50485] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...451] [ip4][..udp] [....65.70.43.75][46615] -> [..74.111.203.55][..427] + detected: [...451] [ip4][..udp] [....65.70.43.75][46615] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...452] [ip4][..udp] [....64.64.43.81][58560] -> [...90.141.37.56][..427] + detected: [...452] [ip4][..udp] [....64.64.43.81][58560] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...451] [ip4][..udp] [....65.70.43.75][46615] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...450] [ip4][..udp] [..167.65.212.80][.8856] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 458 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 452|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 82] + new: [...453] [ip4][..udp] [....65.70.43.75][24868] -> [...85.111.52.57][..427] + detected: [...453] [ip4][..udp] [....65.70.43.75][24868] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...452] [ip4][..udp] [....64.64.43.81][58560] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...454] [ip4][..udp] [..167.65.212.80][16286] -> [..69.109.187.54][..427] + detected: [...454] [ip4][..udp] [..167.65.212.80][16286] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...453] [ip4][..udp] [....65.70.43.75][24868] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 460 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 454|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 83] + new: [...455] [ip4][..udp] [.34.119.122.126][.2631] -> [..74.111.203.55][..427] + detected: [...455] [ip4][..udp] [.34.119.122.126][.2631] -> [..74.111.203.55][..427] [Service_Location_Protocol][Google][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...454] [ip4][..udp] [..167.65.212.80][16286] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...453] [ip4][..udp] [....65.70.43.75][24868] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...456] [ip4][..udp] [..211.50.152.79][55356] -> [..165.144.84.62][..427] + detected: [...456] [ip4][..udp] [..211.50.152.79][55356] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...455] [ip4][..udp] [.34.119.122.126][.2631] -> [..74.111.203.55][..427] [Service_Location_Protocol][Google][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 462 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 456|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 84] + new: [...457] [ip4][..udp] [.173.161.10.173][45539] -> [.186.112.202.53][..427] + detected: [...457] [ip4][..udp] [.173.161.10.173][45539] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...455] [ip4][..udp] [.34.119.122.126][.2631] -> [..74.111.203.55][..427] [Service_Location_Protocol][Google][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...456] [ip4][..udp] [..211.50.152.79][55356] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...458] [ip4][..udp] [...88.185.36.86][.4763] -> [..90.147.171.51][..427] + detected: [...458] [ip4][..udp] [...88.185.36.86][.4763] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...457] [ip4][..udp] [.173.161.10.173][45539] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...459] [ip4][..udp] [...94.64.218.76][16452] -> [.186.112.202.53][..427] + detected: [...459] [ip4][..udp] [...94.64.218.76][16452] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...458] [ip4][..udp] [...88.185.36.86][.4763] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...460] [ip4][..udp] [209.239.135.211][55124] -> [...85.111.52.57][..427] + detected: [...460] [ip4][..udp] [209.239.135.211][55124] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...458] [ip4][..udp] [...88.185.36.86][.4763] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...459] [ip4][..udp] [...94.64.218.76][16452] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 466 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 3 / 460|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 87] + new: [...461] [ip4][..udp] [226.128.122.118][58464] -> [..90.145.180.58][..427] + detected: [...461] [ip4][..udp] [226.128.122.118][58464] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...460] [ip4][..udp] [209.239.135.211][55124] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...458] [ip4][..udp] [...88.185.36.86][.4763] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...459] [ip4][..udp] [...94.64.218.76][16452] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 467 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 461|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 87] + new: [...462] [ip4][..udp] [.34.102.125.120][51324] -> [.165.114.202.61][..427] + detected: [...462] [ip4][..udp] [.34.102.125.120][51324] -> [.165.114.202.61][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...461] [ip4][..udp] [226.128.122.118][58464] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...463] [ip4][..udp] [.173.161.10.173][42304] -> [..165.144.84.62][..427] + detected: [...463] [ip4][..udp] [.173.161.10.173][42304] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...462] [ip4][..udp] [.34.102.125.120][51324] -> [.165.114.202.61][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 469 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 463|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...464] [ip4][..udp] [.173.161.10.173][53096] -> [..90.145.180.58][..427] + detected: [...464] [ip4][..udp] [.173.161.10.173][53096] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...463] [ip4][..udp] [.173.161.10.173][42304] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...462] [ip4][..udp] [.34.102.125.120][51324] -> [.165.114.202.61][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 470 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 464|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...465] [ip4][..udp] [134.180.144.149][51824] -> [...85.111.52.57][..427] + detected: [...465] [ip4][..udp] [134.180.144.149][51824] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...464] [ip4][..udp] [.173.161.10.173][53096] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...466] [ip4][..udp] [236.131.162.157][35531] -> [..90.147.171.51][..427] + detected: [...466] [ip4][..udp] [236.131.162.157][35531] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...465] [ip4][..udp] [134.180.144.149][51824] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...467] [ip4][..udp] [.45.131.161.152][57860] -> [..90.111.212.50][..427] + detected: [...467] [ip4][..udp] [.45.131.161.152][57860] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...466] [ip4][..udp] [236.131.162.157][35531] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 473 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 467|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...468] [ip4][..udp] [.173.161.10.173][60345] -> [...90.141.37.56][..427] + detected: [...468] [ip4][..udp] [.173.161.10.173][60345] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...467] [ip4][..udp] [.45.131.161.152][57860] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 474 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 468|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...469] [ip4][..udp] [..16.99.147.146][60624] -> [...90.141.37.56][..427] + detected: [...469] [ip4][..udp] [..16.99.147.146][60624] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...468] [ip4][..udp] [.173.161.10.173][60345] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 475 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 469|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...470] [ip4][..udp] [182.180.120.139][50595] -> [..165.144.84.62][..427] + detected: [...470] [ip4][..udp] [182.180.120.139][50595] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...469] [ip4][..udp] [..16.99.147.146][60624] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...471] [ip4][..udp] [..19.99.147.148][58452] -> [.165.114.202.61][..427] + detected: [...471] [ip4][..udp] [..19.99.147.148][58452] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...470] [ip4][..udp] [182.180.120.139][50595] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 477 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 471|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...472] [ip4][..udp] [210.124.156.149][52931] -> [..69.109.187.54][..427] + detected: [...472] [ip4][..udp] [210.124.156.149][52931] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...471] [ip4][..udp] [..19.99.147.148][58452] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 478 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 472|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...473] [ip4][..udp] [134.180.144.149][57887] -> [.186.112.202.53][..427] + detected: [...473] [ip4][..udp] [134.180.144.149][57887] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...472] [ip4][..udp] [210.124.156.149][52931] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 479 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 473|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...474] [ip4][..udp] [184.180.168.240][56968] -> [..74.111.203.55][..427] + detected: [...474] [ip4][..udp] [184.180.168.240][56968] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...473] [ip4][..udp] [134.180.144.149][57887] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 480 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 474|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...475] [ip4][..udp] [.16.131.191.144][57563] -> [..90.145.180.58][..427] + detected: [...475] [ip4][..udp] [.16.131.191.144][57563] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...474] [ip4][..udp] [184.180.168.240][56968] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...476] [ip4][..udp] [.173.161.10.173][33195] -> [.165.114.202.61][..427] + detected: [...476] [ip4][..udp] [.173.161.10.173][33195] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...475] [ip4][..udp] [.16.131.191.144][57563] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 482 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 476|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...477] [ip4][..udp] [.173.161.10.173][48688] -> [..90.147.171.51][..427] + detected: [...477] [ip4][..udp] [.173.161.10.173][48688] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...476] [ip4][..udp] [.173.161.10.173][33195] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 483 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 477|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...478] [ip4][..udp] [..231.38.82.221][41269] -> [..165.144.84.62][..427] + detected: [...478] [ip4][..udp] [..231.38.82.221][41269] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...477] [ip4][..udp] [.173.161.10.173][48688] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 484 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 478|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...479] [ip4][..udp] [..35.252.69.113][14173] -> [..69.109.187.54][..427] + detected: [...479] [ip4][..udp] [..35.252.69.113][14173] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...478] [ip4][..udp] [..231.38.82.221][41269] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 485 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 479|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...480] [ip4][..udp] [.173.19.223.218][54527] -> [...85.111.52.57][..427] + detected: [...480] [ip4][..udp] [.173.19.223.218][54527] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...479] [ip4][..udp] [..35.252.69.113][14173] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 486 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 480|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...481] [ip4][..udp] [208.243.248.212][52104] -> [..90.145.180.58][..427] + detected: [...481] [ip4][..udp] [208.243.248.212][52104] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...480] [ip4][..udp] [.173.19.223.218][54527] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...482] [ip4][..udp] [..39.59.139.121][18087] -> [.165.114.202.61][..427] + detected: [...482] [ip4][..udp] [..39.59.139.121][18087] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...481] [ip4][..udp] [208.243.248.212][52104] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 488 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 482|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...483] [ip4][..udp] [.173.161.10.173][33095] -> [..69.109.187.54][..427] + detected: [...483] [ip4][..udp] [.173.161.10.173][33095] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...482] [ip4][..udp] [..39.59.139.121][18087] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 489 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 483|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...484] [ip4][..udp] [.173.161.10.173][42481] -> [...85.111.52.57][..427] + detected: [...484] [ip4][..udp] [.173.161.10.173][42481] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...483] [ip4][..udp] [.173.161.10.173][33095] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...485] [ip4][..udp] [..70.210.68.170][50121] -> [..90.111.212.50][..427] + detected: [...485] [ip4][..udp] [..70.210.68.170][50121] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...484] [ip4][..udp] [.173.161.10.173][42481] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 491 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 485|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...486] [ip4][..udp] [.227.199.90.122][51729] -> [..90.145.180.58][..427] + detected: [...486] [ip4][..udp] [.227.199.90.122][51729] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...485] [ip4][..udp] [..70.210.68.170][50121] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 492 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 486|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...487] [ip4][..udp] [161.231.128.245][56820] -> [..74.111.203.55][..427] + detected: [...487] [ip4][..udp] [161.231.128.245][56820] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...486] [ip4][..udp] [.227.199.90.122][51729] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...488] [ip4][..udp] [.173.161.10.173][55131] -> [..74.111.203.55][..427] + detected: [...488] [ip4][..udp] [.173.161.10.173][55131] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...487] [ip4][..udp] [161.231.128.245][56820] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 494 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 488|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...489] [ip4][..udp] [..99.199.77.211][14222] -> [.165.114.202.61][..427] + detected: [...489] [ip4][..udp] [..99.199.77.211][14222] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...488] [ip4][..udp] [.173.161.10.173][55131] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 495 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 489|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...490] [ip4][..udp] [...222.41.7.222][55970] -> [..90.147.171.51][..427] + detected: [...490] [ip4][..udp] [...222.41.7.222][55970] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...489] [ip4][..udp] [..99.199.77.211][14222] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 496 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 490|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...491] [ip4][..udp] [...89.28.95.249][56710] -> [..165.144.84.62][..427] + detected: [...491] [ip4][..udp] [...89.28.95.249][56710] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...490] [ip4][..udp] [...222.41.7.222][55970] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 497 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 491|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...492] [ip4][..udp] [..85.47.224.171][16312] -> [..74.111.203.55][..427] + detected: [...492] [ip4][..udp] [..85.47.224.171][16312] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...491] [ip4][..udp] [...89.28.95.249][56710] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...493] [ip4][..udp] [..85.47.224.171][46040] -> [..165.144.84.62][..427] + detected: [...493] [ip4][..udp] [..85.47.224.171][46040] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...492] [ip4][..udp] [..85.47.224.171][16312] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...494] [ip4][..udp] [..74.142.40.174][10528] -> [...90.141.37.56][..427] + detected: [...494] [ip4][..udp] [..74.142.40.174][10528] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...493] [ip4][..udp] [..85.47.224.171][46040] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 500 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 494|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...495] [ip4][..udp] [..85.174.88.154][20504] -> [..69.109.187.54][..427] + detected: [...495] [ip4][..udp] [..85.174.88.154][20504] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...494] [ip4][..udp] [..74.142.40.174][10528] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 501 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 495|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] + new: [...496] [ip4][..udp] [170.238.168.143][62476] -> [...85.111.52.57][..427] + detected: [...496] [ip4][..udp] [170.238.168.143][62476] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...495] [ip4][..udp] [..85.174.88.154][20504] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...497] [ip4][..udp] [..170.18.87.162][58469] -> [.186.112.202.53][..427] + detected: [...497] [ip4][..udp] [..170.18.87.162][58469] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...496] [ip4][..udp] [170.238.168.143][62476] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...498] [ip4][..udp] [..85.47.224.171][16312] -> [..90.111.212.50][..427] + detected: [...498] [ip4][..udp] [..85.47.224.171][16312] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...499] [ip4][..udp] [.170.243.40.186][35528] -> [.165.114.202.61][..427] + detected: [...499] [ip4][..udp] [.170.243.40.186][35528] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...497] [ip4][..udp] [..170.18.87.162][58469] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 505 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 3 / 499|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 89] + new: [...500] [ip4][..udp] [..74.239.16.156][46464] -> [..90.145.180.58][..427] + detected: [...500] [ip4][..udp] [..74.239.16.156][46464] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...498] [ip4][..udp] [..85.47.224.171][16312] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...497] [ip4][..udp] [..170.18.87.162][58469] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...499] [ip4][..udp] [.170.243.40.186][35528] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 506 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 500|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 89] + new: [...501] [ip4][..udp] [...35.0.100.115][46588] -> [..165.144.84.62][..427] + detected: [...501] [ip4][..udp] [...35.0.100.115][46588] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...500] [ip4][..udp] [..74.239.16.156][46464] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 507 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 501|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 89] + new: [...502] [ip4][..udp] [.227.134.81.212][17542] -> [..90.147.171.51][..427] + detected: [...502] [ip4][..udp] [.227.134.81.212][17542] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...501] [ip4][..udp] [...35.0.100.115][46588] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 508 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 502|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 89] + new: [...503] [ip4][..udp] [...93.36.35.136][56600] -> [.165.114.202.61][..427] + detected: [...503] [ip4][..udp] [...93.36.35.136][56600] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...502] [ip4][..udp] [.227.134.81.212][17542] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 509 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 503|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 89] + new: [...504] [ip4][..udp] [..76.50.135.245][51836] -> [...90.141.37.56][..427] + detected: [...504] [ip4][..udp] [..76.50.135.245][51836] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...503] [ip4][..udp] [...93.36.35.136][56600] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...505] [ip4][..udp] [..69.36.231.230][55374] -> [..69.109.187.54][..427] + detected: [...505] [ip4][..udp] [..69.36.231.230][55374] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...504] [ip4][..udp] [..76.50.135.245][51836] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 511 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 505|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 89] + new: [...506] [ip4][..udp] [..122.122.167.9][43646] -> [...90.141.37.56][..427] + detected: [...506] [ip4][..udp] [..122.122.167.9][43646] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...505] [ip4][..udp] [..69.36.231.230][55374] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 512 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 506|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 89] + new: [...507] [ip4][..udp] [.200.31.144.158][48498] -> [.165.114.202.61][..427] + detected: [...507] [ip4][..udp] [.200.31.144.158][48498] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...506] [ip4][..udp] [..122.122.167.9][43646] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 513 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 507|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 89] + new: [...508] [ip4][..udp] [.200.31.144.158][35848] -> [..90.145.180.58][..427] + detected: [...508] [ip4][..udp] [.200.31.144.158][35848] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...507] [ip4][..udp] [.200.31.144.158][48498] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...509] [ip4][..udp] [.200.31.144.158][38264] -> [..69.109.187.54][..427] + detected: [...509] [ip4][..udp] [.200.31.144.158][38264] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...508] [ip4][..udp] [.200.31.144.158][35848] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 515 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 509|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 90] + new: [...510] [ip4][..udp] [.200.31.144.158][49404] -> [...85.111.52.57][..427] + detected: [...510] [ip4][..udp] [.200.31.144.158][49404] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...509] [ip4][..udp] [.200.31.144.158][38264] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...508] [ip4][..udp] [.200.31.144.158][35848] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...511] [ip4][..udp] [239.131.160.152][40653] -> [..90.147.171.51][..427] + detected: [...511] [ip4][..udp] [239.131.160.152][40653] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...510] [ip4][..udp] [.200.31.144.158][49404] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 517 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 511|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 91] + new: [...512] [ip4][..udp] [.200.31.144.158][33216] -> [..165.144.84.62][..427] + detected: [...512] [ip4][..udp] [.200.31.144.158][33216] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...510] [ip4][..udp] [.200.31.144.158][49404] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...511] [ip4][..udp] [239.131.160.152][40653] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...513] [ip4][..udp] [.200.31.144.158][42236] -> [..90.147.171.51][..427] + detected: [...513] [ip4][..udp] [.200.31.144.158][42236] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...512] [ip4][..udp] [.200.31.144.158][33216] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...514] [ip4][..udp] [237.132.176.136][51278] -> [..74.111.203.55][..427] + detected: [...514] [ip4][..udp] [237.132.176.136][51278] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 520 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 514|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 91] + new: [...515] [ip4][..udp] [.246.75.104.115][50377] -> [.186.112.202.53][..427] + detected: [...515] [ip4][..udp] [.246.75.104.115][50377] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...513] [ip4][..udp] [.200.31.144.158][42236] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...514] [ip4][..udp] [237.132.176.136][51278] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...516] [ip4][..udp] [.70.180.111.241][51457] -> [..165.144.84.62][..427] + detected: [...516] [ip4][..udp] [.70.180.111.241][51457] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...515] [ip4][..udp] [.246.75.104.115][50377] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...517] [ip4][..udp] [.200.31.144.158][48231] -> [.186.112.202.53][..427] + detected: [...517] [ip4][..udp] [.200.31.144.158][48231] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...516] [ip4][..udp] [.70.180.111.241][51457] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 523 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 517|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 92] + new: [...518] [ip4][..udp] [.200.31.144.158][55658] -> [..74.111.203.55][..427] + detected: [...518] [ip4][..udp] [.200.31.144.158][55658] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...517] [ip4][..udp] [.200.31.144.158][48231] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...516] [ip4][..udp] [.70.180.111.241][51457] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...519] [ip4][..udp] [.70.180.111.241][58316] -> [..90.111.212.50][..427] + detected: [...519] [ip4][..udp] [.70.180.111.241][58316] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...518] [ip4][..udp] [.200.31.144.158][55658] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 525 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 519|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 92] + new: [...520] [ip4][..udp] [.200.31.144.158][45270] -> [..90.111.212.50][..427] + detected: [...520] [ip4][..udp] [.200.31.144.158][45270] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...519] [ip4][..udp] [.70.180.111.241][58316] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 526 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 520|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 92] + new: [...521] [ip4][..udp] [200.180.144.114][54554] -> [..69.109.187.54][..427] + detected: [...521] [ip4][..udp] [200.180.144.114][54554] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...520] [ip4][..udp] [.200.31.144.158][45270] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...522] [ip4][..udp] [208.123.176.154][56229] -> [...85.111.52.57][..427] + detected: [...522] [ip4][..udp] [208.123.176.154][56229] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...521] [ip4][..udp] [200.180.144.114][54554] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...523] [ip4][..udp] [.246.75.104.115][57365] -> [...90.141.37.56][..427] + detected: [...523] [ip4][..udp] [.246.75.104.115][57365] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...522] [ip4][..udp] [208.123.176.154][56229] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 529 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 523|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] + new: [...524] [ip4][..udp] [.194.23.249.243][54741] -> [..74.111.203.55][..427] + detected: [...524] [ip4][..udp] [.194.23.249.243][54741] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...522] [ip4][..udp] [208.123.176.154][56229] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...523] [ip4][..udp] [.246.75.104.115][57365] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 530 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 524|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] + new: [...525] [ip4][..udp] [165.128.253.116][53358] -> [..165.144.84.62][..427] + detected: [...525] [ip4][..udp] [165.128.253.116][53358] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...524] [ip4][..udp] [.194.23.249.243][54741] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 531 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 525|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] + new: [...526] [ip4][..udp] [157.120.252.123][11982] -> [.186.112.202.53][..427] + detected: [...526] [ip4][..udp] [157.120.252.123][11982] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...525] [ip4][..udp] [165.128.253.116][53358] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 532 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 526|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] + new: [...527] [ip4][..udp] [..79.210.95.146][54728] -> [.165.114.202.61][..427] + detected: [...527] [ip4][..udp] [..79.210.95.146][54728] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...526] [ip4][..udp] [157.120.252.123][11982] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 533 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 527|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] + new: [...528] [ip4][..udp] [..185.31.153.50][50851] -> [.186.112.202.53][..427] + detected: [...528] [ip4][..udp] [..185.31.153.50][50851] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...527] [ip4][..udp] [..79.210.95.146][54728] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 534 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 528|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] + new: [...529] [ip4][..udp] [.34.119.122.126][34795] -> [...90.141.37.56][..427] + detected: [...529] [ip4][..udp] [.34.119.122.126][34795] -> [...90.141.37.56][..427] [Service_Location_Protocol][Google][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...528] [ip4][..udp] [..185.31.153.50][50851] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 535 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 529|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] + new: [...530] [ip4][..udp] [.253.112.232.91][40051] -> [..69.109.187.54][..427] + detected: [...530] [ip4][..udp] [.253.112.232.91][40051] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...529] [ip4][..udp] [.34.119.122.126][34795] -> [...90.141.37.56][..427] [Service_Location_Protocol][Google][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 536 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 530|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] + new: [...531] [ip4][..udp] [.98.103.253.115][47719] -> [..90.111.212.50][..427] + detected: [...531] [ip4][..udp] [.98.103.253.115][47719] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...530] [ip4][..udp] [.253.112.232.91][40051] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...532] [ip4][..udp] [.228.255.84.119][61523] -> [..74.111.203.55][..427] + detected: [...532] [ip4][..udp] [.228.255.84.119][61523] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...531] [ip4][..udp] [.98.103.253.115][47719] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 538 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 532|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] + new: [...533] [ip4][..udp] [.178.240.255.34][54964] -> [..69.109.187.54][..427] + detected: [...533] [ip4][..udp] [.178.240.255.34][54964] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...532] [ip4][..udp] [.228.255.84.119][61523] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...534] [ip4][..udp] [.89.236.122.100][51926] -> [..90.145.180.58][..427] + detected: [...534] [ip4][..udp] [.89.236.122.100][51926] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...533] [ip4][..udp] [.178.240.255.34][54964] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 540 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 534|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] + new: [...535] [ip4][..udp] [154.129.123.124][35057] -> [..69.109.187.54][..427] + detected: [...535] [ip4][..udp] [154.129.123.124][35057] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...534] [ip4][..udp] [.89.236.122.100][51926] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 541 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 535|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] + new: [...536] [ip4][..udp] [..35.252.69.113][61013] -> [..90.111.212.50][..427] + detected: [...536] [ip4][..udp] [..35.252.69.113][61013] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...535] [ip4][..udp] [154.129.123.124][35057] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...537] [ip4][..udp] [..94.210.194.31][53432] -> [...85.111.52.57][..427] + detected: [...537] [ip4][..udp] [..94.210.194.31][53432] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...536] [ip4][..udp] [..35.252.69.113][61013] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 543 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 537|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] + new: [...538] [ip4][..udp] [..231.38.82.221][16953] -> [..90.111.212.50][..427] + detected: [...538] [ip4][..udp] [..231.38.82.221][16953] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...537] [ip4][..udp] [..94.210.194.31][53432] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...539] [ip4][..udp] [..88.31.110.219][39592] -> [...85.111.52.57][..427] + detected: [...539] [ip4][..udp] [..88.31.110.219][39592] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...538] [ip4][..udp] [..231.38.82.221][16953] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 545 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 539|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] + new: [...540] [ip4][..udp] [231.223.121.213][.4034] -> [..69.109.187.54][..427] + detected: [...540] [ip4][..udp] [231.223.121.213][.4034] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...539] [ip4][..udp] [..88.31.110.219][39592] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 546 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 540|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] + new: [...541] [ip4][..udp] [...64.63.36.139][49841] -> [.165.114.202.61][..427] + detected: [...541] [ip4][..udp] [...64.63.36.139][49841] -> [.165.114.202.61][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...540] [ip4][..udp] [231.223.121.213][.4034] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...542] [ip4][..udp] [..71.191.53.138][45513] -> [..90.111.212.50][..427] + detected: [...542] [ip4][..udp] [..71.191.53.138][45513] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...541] [ip4][..udp] [...64.63.36.139][49841] -> [.165.114.202.61][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...543] [ip4][..udp] [...64.63.52.142][14637] -> [..90.147.171.51][..427] + detected: [...543] [ip4][..udp] [...64.63.52.142][14637] -> [..90.147.171.51][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...542] [ip4][..udp] [..71.191.53.138][45513] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...541] [ip4][..udp] [...64.63.36.139][49841] -> [.165.114.202.61][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...544] [ip4][..udp] [...64.63.36.139][49841] -> [..69.109.187.54][..427] + detected: [...544] [ip4][..udp] [...64.63.36.139][49841] -> [..69.109.187.54][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...543] [ip4][..udp] [...64.63.52.142][14637] -> [..90.147.171.51][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 550 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 544|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 94] + new: [...545] [ip4][..udp] [..191.57.36.135][30888] -> [..165.144.84.62][..427] + detected: [...545] [ip4][..udp] [..191.57.36.135][30888] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...544] [ip4][..udp] [...64.63.36.139][49841] -> [..69.109.187.54][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...546] [ip4][..udp] [.184.193.58.134][21356] -> [..74.111.203.55][..427] + detected: [...546] [ip4][..udp] [.184.193.58.134][21356] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...544] [ip4][..udp] [...64.63.36.139][49841] -> [..69.109.187.54][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...545] [ip4][..udp] [..191.57.36.135][30888] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...547] [ip4][..udp] [...64.63.52.142][45266] -> [...85.111.52.57][..427] + detected: [...547] [ip4][..udp] [...64.63.52.142][45266] -> [...85.111.52.57][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...545] [ip4][..udp] [..191.57.36.135][30888] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...546] [ip4][..udp] [.184.193.58.134][21356] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...548] [ip4][..udp] [.184.193.58.134][.6016] -> [..90.145.180.58][..427] + detected: [...548] [ip4][..udp] [.184.193.58.134][.6016] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...547] [ip4][..udp] [...64.63.52.142][45266] -> [...85.111.52.57][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...546] [ip4][..udp] [.184.193.58.134][21356] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 554 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 548|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...549] [ip4][..udp] [.184.193.58.134][21356] -> [...90.141.37.56][..427] + detected: [...549] [ip4][..udp] [.184.193.58.134][21356] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...548] [ip4][..udp] [.184.193.58.134][.6016] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 555 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 549|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...550] [ip4][..udp] [..51.242.192.58][51989] -> [..165.144.84.62][..427] + detected: [...550] [ip4][..udp] [..51.242.192.58][51989] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...549] [ip4][..udp] [.184.193.58.134][21356] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 556 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 550|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...551] [ip4][..udp] [.64.193.196.133][45764] -> [.186.112.202.53][..427] + detected: [...551] [ip4][..udp] [.64.193.196.133][45764] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...550] [ip4][..udp] [..51.242.192.58][51989] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 557 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 551|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...552] [ip4][..udp] [.185.29.253.207][55308] -> [...90.141.37.56][..427] + detected: [...552] [ip4][..udp] [.185.29.253.207][55308] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...551] [ip4][..udp] [.64.193.196.133][45764] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 558 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 552|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...553] [ip4][..udp] [...49.49.71.169][56940] -> [..90.147.171.51][..427] + detected: [...553] [ip4][..udp] [...49.49.71.169][56940] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...552] [ip4][..udp] [.185.29.253.207][55308] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 559 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 553|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...554] [ip4][..udp] [...198.23.89.28][55179] -> [..90.111.212.50][..427] + detected: [...554] [ip4][..udp] [...198.23.89.28][55179] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...553] [ip4][..udp] [...49.49.71.169][56940] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 560 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 554|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...555] [ip4][..udp] [..231.38.82.221][33154] -> [.186.112.202.53][..427] + detected: [...555] [ip4][..udp] [..231.38.82.221][33154] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...554] [ip4][..udp] [...198.23.89.28][55179] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 561 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 555|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...556] [ip4][..udp] [...43.95.195.22][50287] -> [...85.111.52.57][..427] + detected: [...556] [ip4][..udp] [...43.95.195.22][50287] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...555] [ip4][..udp] [..231.38.82.221][33154] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 563 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 556|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...557] [ip4][..udp] [..235.98.65.133][26337] -> [.165.114.202.61][..427] + detected: [...557] [ip4][..udp] [..235.98.65.133][26337] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...556] [ip4][..udp] [...43.95.195.22][50287] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 565 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 557|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...558] [ip4][..udp] [.159.60.180.118][39471] -> [.165.114.202.61][..427] + detected: [...558] [ip4][..udp] [.159.60.180.118][39471] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...557] [ip4][..udp] [..235.98.65.133][26337] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 566 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 558|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...559] [ip4][..udp] [.164.192.91.117][41275] -> [..165.144.84.62][..427] + detected: [...559] [ip4][..udp] [.164.192.91.117][41275] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...558] [ip4][..udp] [.159.60.180.118][39471] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 567 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 559|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...560] [ip4][..udp] [155.160.165.208][51124] -> [..69.109.187.54][..427] + detected: [...560] [ip4][..udp] [155.160.165.208][51124] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...559] [ip4][..udp] [.164.192.91.117][41275] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 568 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 560|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...561] [ip4][..udp] [...35.0.100.115][65092] -> [.186.112.202.53][..427] + detected: [...561] [ip4][..udp] [...35.0.100.115][65092] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...560] [ip4][..udp] [155.160.165.208][51124] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 569 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 561|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...562] [ip4][..udp] [231.223.121.213][15170] -> [..90.147.171.51][..427] + detected: [...562] [ip4][..udp] [231.223.121.213][15170] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...561] [ip4][..udp] [...35.0.100.115][65092] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 570 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 562|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...563] [ip4][..udp] [...65.218.6.160][55146] -> [.165.114.202.61][..427] + detected: [...563] [ip4][..udp] [...65.218.6.160][55146] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...562] [ip4][..udp] [231.223.121.213][15170] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 571 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 563|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...564] [ip4][..udp] [.93.102.124.112][64449] -> [...85.111.52.57][..427] + detected: [...564] [ip4][..udp] [.93.102.124.112][64449] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...563] [ip4][..udp] [...65.218.6.160][55146] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 572 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 564|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...565] [ip4][..udp] [..32.248.84.127][45264] -> [...90.141.37.56][..427] + detected: [...565] [ip4][..udp] [..32.248.84.127][45264] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...564] [ip4][..udp] [.93.102.124.112][64449] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 573 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 565|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...566] [ip4][..udp] [....69.24.27.60][56117] -> [..90.111.212.50][..427] + detected: [...566] [ip4][..udp] [....69.24.27.60][56117] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...565] [ip4][..udp] [..32.248.84.127][45264] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 574 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 566|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...567] [ip4][..udp] [..64.62.219.130][17454] -> [...85.111.52.57][..427] + detected: [...567] [ip4][..udp] [..64.62.219.130][17454] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...566] [ip4][..udp] [....69.24.27.60][56117] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...568] [ip4][..udp] [...64.63.52.142][21065] -> [..90.111.212.50][..427] + detected: [...568] [ip4][..udp] [...64.63.52.142][21065] -> [..90.111.212.50][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...569] [ip4][..udp] [...64.63.52.142][50624] -> [..69.109.187.54][..427] + detected: [...569] [ip4][..udp] [...64.63.52.142][50624] -> [..69.109.187.54][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...568] [ip4][..udp] [...64.63.52.142][21065] -> [..90.111.212.50][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...567] [ip4][..udp] [..64.62.219.130][17454] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...570] [ip4][..udp] [...9.160.170.26][53573] -> [..69.109.187.54][..427] + detected: [...570] [ip4][..udp] [...9.160.170.26][53573] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 578 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 570|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] + new: [...571] [ip4][..udp] [.64.193.196.133][51380] -> [..90.145.180.58][..427] + detected: [...571] [ip4][..udp] [.64.193.196.133][51380] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...570] [ip4][..udp] [...9.160.170.26][53573] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...569] [ip4][..udp] [...64.63.52.142][50624] -> [..69.109.187.54][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...572] [ip4][..udp] [...80.51.127.74][51252] -> [...90.141.37.56][..427] + detected: [...572] [ip4][..udp] [...80.51.127.74][51252] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...573] [ip4][..udp] [.160.71.213.140][41896] -> [.186.112.202.53][..427] + detected: [...573] [ip4][..udp] [.160.71.213.140][41896] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...572] [ip4][..udp] [...80.51.127.74][51252] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...571] [ip4][..udp] [.64.193.196.133][51380] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 581 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 3 / 573|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 99] + new: [...574] [ip4][..udp] [..191.57.36.135][38472] -> [..165.144.84.62][..427] + detected: [...574] [ip4][..udp] [..191.57.36.135][38472] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...572] [ip4][..udp] [...80.51.127.74][51252] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...571] [ip4][..udp] [.64.193.196.133][51380] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...573] [ip4][..udp] [.160.71.213.140][41896] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...575] [ip4][..udp] [.65.193.203.129][63990] -> [...90.141.37.56][..427] + detected: [...575] [ip4][..udp] [.65.193.203.129][63990] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...574] [ip4][..udp] [..191.57.36.135][38472] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 583 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 575|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 99] + new: [...576] [ip4][..udp] [..71.191.53.138][59582] -> [.165.114.202.61][..427] + detected: [...576] [ip4][..udp] [..71.191.53.138][59582] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...575] [ip4][..udp] [.65.193.203.129][63990] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 584 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 576|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 99] + new: [...577] [ip4][..udp] [.160.71.213.140][32482] -> [..74.111.203.55][..427] + detected: [...577] [ip4][..udp] [.160.71.213.140][32482] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...576] [ip4][..udp] [..71.191.53.138][59582] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 585 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 577|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 99] + new: [...578] [ip4][..udp] [.98.103.253.115][41415] -> [..74.111.203.55][..427] + detected: [...578] [ip4][..udp] [.98.103.253.115][41415] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...577] [ip4][..udp] [.160.71.213.140][32482] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 586 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 578|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 99] + new: [...579] [ip4][..udp] [...33.216.90.56][56415] -> [..165.144.84.62][..427] + detected: [...579] [ip4][..udp] [...33.216.90.56][56415] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...578] [ip4][..udp] [.98.103.253.115][41415] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...580] [ip4][..udp] [154.129.123.124][.6873] -> [.186.112.202.53][..427] + detected: [...580] [ip4][..udp] [154.129.123.124][.6873] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...579] [ip4][..udp] [...33.216.90.56][56415] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...581] [ip4][..udp] [.210.12.216.151][55745] -> [..90.145.180.58][..427] + detected: [...581] [ip4][..udp] [.210.12.216.151][55745] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...580] [ip4][..udp] [154.129.123.124][.6873] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 589 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 581|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...582] [ip4][..udp] [..65.20.223.151][51977] -> [..90.147.171.51][..427] + detected: [...582] [ip4][..udp] [..65.20.223.151][51977] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...581] [ip4][..udp] [.210.12.216.151][55745] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...580] [ip4][..udp] [154.129.123.124][.6873] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 590 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 582|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...583] [ip4][..udp] [..88.31.110.219][54342] -> [.165.114.202.61][..427] + detected: [...583] [ip4][..udp] [..88.31.110.219][54342] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...582] [ip4][..udp] [..65.20.223.151][51977] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 591 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 583|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...584] [ip4][..udp] [206.206.184.241][50350] -> [..69.109.187.54][..427] + detected: [...584] [ip4][..udp] [206.206.184.241][50350] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...583] [ip4][..udp] [..88.31.110.219][54342] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...585] [ip4][..udp] [..190.35.225.89][52867] -> [...85.111.52.57][..427] + detected: [...585] [ip4][..udp] [..190.35.225.89][52867] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 593 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 585|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...586] [ip4][..udp] [..227.7.178.223][63301] -> [..165.144.84.62][..427] + detected: [...586] [ip4][..udp] [..227.7.178.223][63301] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...584] [ip4][..udp] [206.206.184.241][50350] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...585] [ip4][..udp] [..190.35.225.89][52867] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 594 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 586|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...587] [ip4][..udp] [.34.214.128.211][50699] -> [..74.111.203.55][..427] + detected: [...587] [ip4][..udp] [.34.214.128.211][50699] -> [..74.111.203.55][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...586] [ip4][..udp] [..227.7.178.223][63301] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 595 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 587|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...588] [ip4][..udp] [..67.159.16.150][44047] -> [...85.111.52.57][..427] + detected: [...588] [ip4][..udp] [..67.159.16.150][44047] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...587] [ip4][..udp] [.34.214.128.211][50699] -> [..74.111.203.55][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 596 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 588|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...589] [ip4][..udp] [231.223.121.213][38016] -> [..74.111.203.55][..427] + detected: [...589] [ip4][..udp] [231.223.121.213][38016] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...588] [ip4][..udp] [..67.159.16.150][44047] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 597 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 589|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...590] [ip4][..udp] [.218.225.124.29][52381] -> [..69.109.187.54][..427] + detected: [...590] [ip4][..udp] [.218.225.124.29][52381] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...589] [ip4][..udp] [231.223.121.213][38016] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 598 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 590|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...591] [ip4][..udp] [.200.31.144.158][47273] -> [..74.111.203.55][..427] + detected: [...591] [ip4][..udp] [.200.31.144.158][47273] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...590] [ip4][..udp] [.218.225.124.29][52381] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...592] [ip4][..udp] [..49.45.160.215][52110] -> [.165.114.202.61][..427] + detected: [...592] [ip4][..udp] [..49.45.160.215][52110] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...591] [ip4][..udp] [.200.31.144.158][47273] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 600 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 592|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...593] [ip4][..udp] [.200.31.144.158][56053] -> [..69.109.187.54][..427] + detected: [...593] [ip4][..udp] [.200.31.144.158][56053] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...592] [ip4][..udp] [..49.45.160.215][52110] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 601 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 593|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...594] [ip4][..udp] [.200.31.144.158][44785] -> [..90.147.171.51][..427] + detected: [...594] [ip4][..udp] [.200.31.144.158][44785] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...593] [ip4][..udp] [.200.31.144.158][56053] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 602 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 594|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...595] [ip4][..udp] [.200.31.144.158][54403] -> [...90.141.37.56][..427] + detected: [...595] [ip4][..udp] [.200.31.144.158][54403] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...594] [ip4][..udp] [.200.31.144.158][44785] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...596] [ip4][..udp] [152.255.170.124][.5941] -> [...85.111.52.57][..427] + detected: [...596] [ip4][..udp] [152.255.170.124][.5941] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...595] [ip4][..udp] [.200.31.144.158][54403] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 604 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 596|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...597] [ip4][..udp] [.200.31.144.158][41849] -> [..90.111.212.50][..427] + detected: [...597] [ip4][..udp] [.200.31.144.158][41849] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...596] [ip4][..udp] [152.255.170.124][.5941] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 605 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 597|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...598] [ip4][..udp] [.200.31.144.158][55801] -> [.165.114.202.61][..427] + detected: [...598] [ip4][..udp] [.200.31.144.158][55801] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...597] [ip4][..udp] [.200.31.144.158][41849] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 606 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 598|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...599] [ip4][..udp] [.200.31.144.158][59938] -> [..165.144.84.62][..427] + detected: [...599] [ip4][..udp] [.200.31.144.158][59938] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...598] [ip4][..udp] [.200.31.144.158][55801] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 607 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 599|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...600] [ip4][..udp] [157.120.252.123][42800] -> [..90.147.171.51][..427] + detected: [...600] [ip4][..udp] [157.120.252.123][42800] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...599] [ip4][..udp] [.200.31.144.158][59938] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 608 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 600|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...601] [ip4][..udp] [.155.185.93.215][16031] -> [..165.144.84.62][..427] + detected: [...601] [ip4][..udp] [.155.185.93.215][16031] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...600] [ip4][..udp] [157.120.252.123][42800] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 609 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 601|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...602] [ip4][..udp] [....174.50.7.11][49286] -> [.186.112.202.53][..427] + detected: [...602] [ip4][..udp] [....174.50.7.11][49286] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...601] [ip4][..udp] [.155.185.93.215][16031] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 610 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 602|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...603] [ip4][..udp] [..89.214.56.129][54129] -> [..74.111.203.55][..427] + detected: [...603] [ip4][..udp] [..89.214.56.129][54129] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...602] [ip4][..udp] [....174.50.7.11][49286] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 611 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 603|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...604] [ip4][..udp] [.166.209.36.168][54765] -> [...90.141.37.56][..427] + detected: [...604] [ip4][..udp] [.166.209.36.168][54765] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...603] [ip4][..udp] [..89.214.56.129][54129] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 612 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 604|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] + new: [...605] [ip4][..udp] [..70.191.37.189][53867] -> [..90.145.180.58][..427] + detected: [...605] [ip4][..udp] [..70.191.37.189][53867] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...604] [ip4][..udp] [.166.209.36.168][54765] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...606] [ip4][..udp] [..166.70.59.181][28945] -> [..69.109.187.54][..427] + detected: [...606] [ip4][..udp] [..166.70.59.181][28945] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...605] [ip4][..udp] [..70.191.37.189][53867] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...607] [ip4][..udp] [.88.192.213.176][12807] -> [.165.114.202.61][..427] + detected: [...607] [ip4][..udp] [.88.192.213.176][12807] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...606] [ip4][..udp] [..166.70.59.181][28945] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...608] [ip4][..udp] [.88.192.213.176][12807] -> [..165.144.84.62][..427] + detected: [...608] [ip4][..udp] [.88.192.213.176][12807] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...606] [ip4][..udp] [..166.70.59.181][28945] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + update: [...607] [ip4][..udp] [.88.192.213.176][12807] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...609] [ip4][..udp] [..95.185.37.180][56601] -> [...85.111.52.57][..427] + detected: [...609] [ip4][..udp] [..95.185.37.180][56601] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...608] [ip4][..udp] [.88.192.213.176][12807] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...606] [ip4][..udp] [..166.70.59.181][28945] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...607] [ip4][..udp] [.88.192.213.176][12807] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 617 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 609|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 103] + new: [...610] [ip4][..udp] [..88.63.218.184][57760] -> [.186.112.202.53][..427] + detected: [...610] [ip4][..udp] [..88.63.218.184][57760] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...609] [ip4][..udp] [..95.185.37.180][56601] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 618 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 610|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 103] + new: [...611] [ip4][..udp] [.95.190.219.185][65399] -> [..90.111.212.50][..427] + detected: [...611] [ip4][..udp] [.95.190.219.185][65399] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...610] [ip4][..udp] [..88.63.218.184][57760] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...612] [ip4][..udp] [...71.64.36.183][43664] -> [..90.147.171.51][..427] + detected: [...612] [ip4][..udp] [...71.64.36.183][43664] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...611] [ip4][..udp] [.95.190.219.185][65399] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...613] [ip4][..udp] [..64.56.203.178][58318] -> [..74.111.203.55][..427] + detected: [...613] [ip4][..udp] [..64.56.203.178][58318] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 621 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 613|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 103] + new: [...614] [ip4][..udp] [.93.102.124.112][43680] -> [..69.109.187.54][..427] + detected: [...614] [ip4][..udp] [.93.102.124.112][43680] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...613] [ip4][..udp] [..64.56.203.178][58318] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...612] [ip4][..udp] [...71.64.36.183][43664] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 622 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 614|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 103] + new: [...615] [ip4][..udp] [..185.27.37.156][54712] -> [..90.145.180.58][..427] + detected: [...615] [ip4][..udp] [..185.27.37.156][54712] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...614] [ip4][..udp] [.93.102.124.112][43680] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 623 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 615|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 103] + new: [...616] [ip4][..udp] [186.213.158.225][53551] -> [..90.111.212.50][..427] + detected: [...616] [ip4][..udp] [186.213.158.225][53551] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...615] [ip4][..udp] [..185.27.37.156][54712] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 624 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 616|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 103] + new: [...617] [ip4][..udp] [..167.7.154.125][55642] -> [...90.141.37.56][..427] + detected: [...617] [ip4][..udp] [..167.7.154.125][55642] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...616] [ip4][..udp] [186.213.158.225][53551] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 625 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 617|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 103] + new: [...618] [ip4][..udp] [.70.216.186.103][52251] -> [..90.147.171.51][..427] + detected: [...618] [ip4][..udp] [.70.216.186.103][52251] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...617] [ip4][..udp] [..167.7.154.125][55642] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...619] [ip4][..udp] [..67.159.16.150][26319] -> [.165.114.202.61][..427] + detected: [...619] [ip4][..udp] [..67.159.16.150][26319] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: [Processed: 627 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 619|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 103] + new: [...620] [ip4][..udp] [....58.22.67.22][52092] -> [...85.111.52.57][..427] + detected: [...620] [ip4][..udp] [....58.22.67.22][52092] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...618] [ip4][..udp] [.70.216.186.103][52251] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...619] [ip4][..udp] [..67.159.16.150][26319] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + new: [...621] [ip4][..udp] [..217.39.155.99][51503] -> [..165.144.84.62][..427] + detected: [...621] [ip4][..udp] [..217.39.155.99][51503] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...620] [ip4][..udp] [....58.22.67.22][52092] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + idle: [...621] [ip4][..udp] [..217.39.155.99][51503] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + RISK: Unidirectional Traffic + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/synscan.pcap.out b/test/results/flow-info/default/synscan.pcap.out index dd922d6d0..7066e47b3 100644 --- a/test/results/flow-info/default/synscan.pcap.out +++ b/test/results/flow-info/default/synscan.pcap.out @@ -5205,10 +5205,10 @@ not-detected: [...204] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..425] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...204] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..425] - not-detected: [..1289] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..427] [Unknown][Unknown][Unrated] + guessed: [..1289] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [..1289] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..427] - not-detected: [..1361] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..427] [Unknown][Unknown][Unrated] + guessed: [..1361] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [..1361] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..427] not-detected: [...191] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6580] [Unknown][Unknown][Unrated] diff --git a/test/results/flow-info/default/threema.pcap.out b/test/results/flow-info/default/threema.pcap.out index 0ce2bd42f..fafc62bb7 100644 --- a/test/results/flow-info/default/threema.pcap.out +++ b/test/results/flow-info/default/threema.pcap.out @@ -20,9 +20,11 @@ DAEMON-EVENT: [Flows][active: 3 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....6] [ip4][..tcp] [..192.168.2.100][50860] -> [.185.88.236.110][.5222] guessed: [.....5] [ip4][..tcp] [..192.168.2.100][50718] -> [.185.88.236.110][.5222] [Threema][Threema][Chat][Fun] + RISK: Fully encrypted flow end: [.....5] [ip4][..tcp] [..192.168.2.100][50718] -> [.185.88.236.110][.5222] idle: [.....1] [ip4][..tcp] [..192.168.2.100][50298] -> [.185.88.236.110][.5222] [Threema][Threema][Chat][Fun] idle: [.....2] [ip4][..tcp] [..192.168.2.100][50484] -> [.185.88.236.110][.5222] [Threema][Threema][Chat][Fun] guessed: [.....6] [ip4][..tcp] [..192.168.2.100][50860] -> [.185.88.236.110][.5222] [Threema][Threema][Chat][Fun] + RISK: Fully encrypted flow end: [.....6] [ip4][..tcp] [..192.168.2.100][50860] -> [.185.88.236.110][.5222] DAEMON-EVENT: shutdown diff --git a/test/results/stats/caches_cfg/ookla.pcap.out b/test/results/stats/caches_cfg/ookla.pcap.out index 5f886a8ae..f3289739a 100644 --- a/test/results/stats/caches_cfg/ookla.pcap.out +++ b/test/results/stats/caches_cfg/ookla.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/caches_cfg/teams.pcap.out b/test/results/stats/caches_cfg/teams.pcap.out index 72c1462a4..92ed9481c 100644 --- a/test/results/stats/caches_cfg/teams.pcap.out +++ b/test/results/stats/caches_cfg/teams.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/1kxun.pcap.out b/test/results/stats/default/1kxun.pcap.out index 3a96c6906..3a97ca896 100644 --- a/test/results/stats/default/1kxun.pcap.out +++ b/test/results/stats/default/1kxun.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/443-chrome.pcap.out b/test/results/stats/default/443-chrome.pcap.out index e961a94bd..fdaed3fe5 100644 --- a/test/results/stats/default/443-chrome.pcap.out +++ b/test/results/stats/default/443-chrome.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/443-curl.pcap.out b/test/results/stats/default/443-curl.pcap.out index c79cc6333..87eedf8cc 100644 --- a/test/results/stats/default/443-curl.pcap.out +++ b/test/results/stats/default/443-curl.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/443-firefox.pcap.out b/test/results/stats/default/443-firefox.pcap.out index b058d309c..449e09a05 100644 --- a/test/results/stats/default/443-firefox.pcap.out +++ b/test/results/stats/default/443-firefox.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/443-git.pcap.out b/test/results/stats/default/443-git.pcap.out index 1086cda81..1ad6fd324 100644 --- a/test/results/stats/default/443-git.pcap.out +++ b/test/results/stats/default/443-git.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/443-opvn.pcap.out b/test/results/stats/default/443-opvn.pcap.out index c241bf40f..1c39929c5 100644 --- a/test/results/stats/default/443-opvn.pcap.out +++ b/test/results/stats/default/443-opvn.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/443-safari.pcap.out b/test/results/stats/default/443-safari.pcap.out index 8ff02dc5e..b9b9f46e4 100644 --- a/test/results/stats/default/443-safari.pcap.out +++ b/test/results/stats/default/443-safari.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/4in4tunnel.pcap.out b/test/results/stats/default/4in4tunnel.pcap.out index 5f07a2990..5abfa30f9 100644 --- a/test/results/stats/default/4in4tunnel.pcap.out +++ b/test/results/stats/default/4in4tunnel.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/4in6tunnel.pcap.out b/test/results/stats/default/4in6tunnel.pcap.out index 31abe6626..39c3bfd43 100644 --- a/test/results/stats/default/4in6tunnel.pcap.out +++ b/test/results/stats/default/4in6tunnel.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/6in4tunnel.pcap.out b/test/results/stats/default/6in4tunnel.pcap.out index f21992ba8..ceeffec34 100644 --- a/test/results/stats/default/6in4tunnel.pcap.out +++ b/test/results/stats/default/6in4tunnel.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/6in6tunnel.pcap.out b/test/results/stats/default/6in6tunnel.pcap.out index d7c22f3f7..b60182a8d 100644 --- a/test/results/stats/default/6in6tunnel.pcap.out +++ b/test/results/stats/default/6in6tunnel.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/BGP_Cisco_hdlc_slarp.pcap.out b/test/results/stats/default/BGP_Cisco_hdlc_slarp.pcap.out index 23f4d6b59..e561334bd 100644 --- a/test/results/stats/default/BGP_Cisco_hdlc_slarp.pcap.out +++ b/test/results/stats/default/BGP_Cisco_hdlc_slarp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/BGP_redist.pcap.out b/test/results/stats/default/BGP_redist.pcap.out index 907f08101..4bef113f8 100644 --- a/test/results/stats/default/BGP_redist.pcap.out +++ b/test/results/stats/default/BGP_redist.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/EAQ.pcap.out b/test/results/stats/default/EAQ.pcap.out index 6ccdbfe09..f8cb54ea7 100644 --- a/test/results/stats/default/EAQ.pcap.out +++ b/test/results/stats/default/EAQ.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out b/test/results/stats/default/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out index 57a482442..78252dcad 100644 --- a/test/results/stats/default/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out +++ b/test/results/stats/default/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/IEC104.pcap.out b/test/results/stats/default/IEC104.pcap.out index b9a1fbb66..870fde1c0 100644 --- a/test/results/stats/default/IEC104.pcap.out +++ b/test/results/stats/default/IEC104.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/KakaoTalk_chat.pcap.out b/test/results/stats/default/KakaoTalk_chat.pcap.out index 5cbd9a332..3453bf685 100644 --- a/test/results/stats/default/KakaoTalk_chat.pcap.out +++ b/test/results/stats/default/KakaoTalk_chat.pcap.out @@ -1,5 +1,5 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:270 -PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:238363 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:238490 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:38 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:8 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:30 @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/KakaoTalk_talk.pcap.out b/test/results/stats/default/KakaoTalk_talk.pcap.out index 96a639857..9f4cdc183 100644 --- a/test/results/stats/default/KakaoTalk_talk.pcap.out +++ b/test/results/stats/default/KakaoTalk_talk.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/NTPv2.pcap.out b/test/results/stats/default/NTPv2.pcap.out index a5cd3dd89..49bb65afe 100644 --- a/test/results/stats/default/NTPv2.pcap.out +++ b/test/results/stats/default/NTPv2.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/NTPv3.pcap.out b/test/results/stats/default/NTPv3.pcap.out index 33810dba3..a8a11b288 100644 --- a/test/results/stats/default/NTPv3.pcap.out +++ b/test/results/stats/default/NTPv3.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/NTPv4.pcap.out b/test/results/stats/default/NTPv4.pcap.out index 33810dba3..a8a11b288 100644 --- a/test/results/stats/default/NTPv4.pcap.out +++ b/test/results/stats/default/NTPv4.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/Oscar.pcap.out b/test/results/stats/default/Oscar.pcap.out index cf1840a1e..f27c45cd6 100644 --- a/test/results/stats/default/Oscar.pcap.out +++ b/test/results/stats/default/Oscar.pcap.out @@ -1,5 +1,5 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:12 -PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:9367 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:9494 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:1 @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/TivoDVR.pcap.out b/test/results/stats/default/TivoDVR.pcap.out index 97fa1ee20..e1bb1d424 100644 --- a/test/results/stats/default/TivoDVR.pcap.out +++ b/test/results/stats/default/TivoDVR.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/WebattackRCE.pcap.out b/test/results/stats/default/WebattackRCE.pcap.out index 0168000a3..af7b6407a 100644 --- a/test/results/stats/default/WebattackRCE.pcap.out +++ b/test/results/stats/default/WebattackRCE.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/WebattackSQLinj.pcap.out b/test/results/stats/default/WebattackSQLinj.pcap.out index 597277d76..b1f5d1b3a 100644 --- a/test/results/stats/default/WebattackSQLinj.pcap.out +++ b/test/results/stats/default/WebattackSQLinj.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/WebattackXSS.pcap.out b/test/results/stats/default/WebattackXSS.pcap.out index 518a0e448..41e95c26e 100644 --- a/test/results/stats/default/WebattackXSS.pcap.out +++ b/test/results/stats/default/WebattackXSS.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/activision.pcap.out b/test/results/stats/default/activision.pcap.out index 9ede284a5..dacbe65d0 100644 --- a/test/results/stats/default/activision.pcap.out +++ b/test/results/stats/default/activision.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/adult_content.pcap.out b/test/results/stats/default/adult_content.pcap.out index 9e344e93f..6e14014ea 100644 --- a/test/results/stats/default/adult_content.pcap.out +++ b/test/results/stats/default/adult_content.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/afp.pcap.out b/test/results/stats/default/afp.pcap.out index 536f4cd6c..ce23ce00d 100644 --- a/test/results/stats/default/afp.pcap.out +++ b/test/results/stats/default/afp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/agora-sd-rtn.pcap.out b/test/results/stats/default/agora-sd-rtn.pcap.out index 36eed139a..3d2967516 100644 --- a/test/results/stats/default/agora-sd-rtn.pcap.out +++ b/test/results/stats/default/agora-sd-rtn.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ah.pcapng.out b/test/results/stats/default/ah.pcapng.out index efa0341b8..0a28267b1 100644 --- a/test/results/stats/default/ah.pcapng.out +++ b/test/results/stats/default/ah.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ajp.pcap.out b/test/results/stats/default/ajp.pcap.out index bceaca919..562668ad2 100644 --- a/test/results/stats/default/ajp.pcap.out +++ b/test/results/stats/default/ajp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/alexa-app.pcapng.out b/test/results/stats/default/alexa-app.pcapng.out index 73d22ec40..92d3895ea 100644 --- a/test/results/stats/default/alexa-app.pcapng.out +++ b/test/results/stats/default/alexa-app.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/alicloud.pcap.out b/test/results/stats/default/alicloud.pcap.out index 787fe54a2..f6284ebd0 100644 --- a/test/results/stats/default/alicloud.pcap.out +++ b/test/results/stats/default/alicloud.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/among_us.pcap.out b/test/results/stats/default/among_us.pcap.out index 88aa90f36..195962cbb 100644 --- a/test/results/stats/default/among_us.pcap.out +++ b/test/results/stats/default/among_us.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/amqp.pcap.out b/test/results/stats/default/amqp.pcap.out index bc0df1ad0..d8e557ecb 100644 --- a/test/results/stats/default/amqp.pcap.out +++ b/test/results/stats/default/amqp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/android.pcap.out b/test/results/stats/default/android.pcap.out index b5f327088..420cf1e81 100644 --- a/test/results/stats/default/android.pcap.out +++ b/test/results/stats/default/android.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/anyconnect-vpn.pcap.out b/test/results/stats/default/anyconnect-vpn.pcap.out index 310460361..308364b54 100644 --- a/test/results/stats/default/anyconnect-vpn.pcap.out +++ b/test/results/stats/default/anyconnect-vpn.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/anydesk.pcapng.out b/test/results/stats/default/anydesk.pcapng.out index df898a68f..2ba5e3a4b 100644 --- a/test/results/stats/default/anydesk.pcapng.out +++ b/test/results/stats/default/anydesk.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/avast.pcap.out b/test/results/stats/default/avast.pcap.out index 7f3bc943d..091664a29 100644 --- a/test/results/stats/default/avast.pcap.out +++ b/test/results/stats/default/avast.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/avast_securedns.pcapng.out b/test/results/stats/default/avast_securedns.pcapng.out index 96c8bf854..10caba258 100644 --- a/test/results/stats/default/avast_securedns.pcapng.out +++ b/test/results/stats/default/avast_securedns.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/bacnet.pcap.out b/test/results/stats/default/bacnet.pcap.out index 10d391bd3..a5b39dd61 100644 --- a/test/results/stats/default/bacnet.pcap.out +++ b/test/results/stats/default/bacnet.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/bad-dns-traffic.pcap.out b/test/results/stats/default/bad-dns-traffic.pcap.out index f0ca79c4e..f651183f2 100644 --- a/test/results/stats/default/bad-dns-traffic.pcap.out +++ b/test/results/stats/default/bad-dns-traffic.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/badpackets.pcap.out b/test/results/stats/default/badpackets.pcap.out index 2f91d18c7..2acc8d3e9 100644 --- a/test/results/stats/default/badpackets.pcap.out +++ b/test/results/stats/default/badpackets.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/bitcoin.pcap.out b/test/results/stats/default/bitcoin.pcap.out index 4658d2c16..59d5c89f1 100644 --- a/test/results/stats/default/bitcoin.pcap.out +++ b/test/results/stats/default/bitcoin.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/bittorrent.pcap.out b/test/results/stats/default/bittorrent.pcap.out index 796c6e6d0..7f819e72e 100644 --- a/test/results/stats/default/bittorrent.pcap.out +++ b/test/results/stats/default/bittorrent.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/bittorrent_tcp_miss.pcapng.out b/test/results/stats/default/bittorrent_tcp_miss.pcapng.out index be96a2015..4f16c4d4e 100644 --- a/test/results/stats/default/bittorrent_tcp_miss.pcapng.out +++ b/test/results/stats/default/bittorrent_tcp_miss.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/bittorrent_utp.pcap.out b/test/results/stats/default/bittorrent_utp.pcap.out index 33dd32a72..6d4b3a427 100644 --- a/test/results/stats/default/bittorrent_utp.pcap.out +++ b/test/results/stats/default/bittorrent_utp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/bjnp.pcap.out b/test/results/stats/default/bjnp.pcap.out index c5f4eae4b..9298abd13 100644 --- a/test/results/stats/default/bjnp.pcap.out +++ b/test/results/stats/default/bjnp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/bot.pcap.out b/test/results/stats/default/bot.pcap.out index ab93ca807..bc5732bc6 100644 --- a/test/results/stats/default/bot.pcap.out +++ b/test/results/stats/default/bot.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/bt-dns.pcap.out b/test/results/stats/default/bt-dns.pcap.out index 471acb567..2e3be1730 100644 --- a/test/results/stats/default/bt-dns.pcap.out +++ b/test/results/stats/default/bt-dns.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/bt-http.pcapng.out b/test/results/stats/default/bt-http.pcapng.out index 7e056af38..852981b09 100644 --- a/test/results/stats/default/bt-http.pcapng.out +++ b/test/results/stats/default/bt-http.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/bt_search.pcap.out b/test/results/stats/default/bt_search.pcap.out index ac067ef63..78904db1c 100644 --- a/test/results/stats/default/bt_search.pcap.out +++ b/test/results/stats/default/bt_search.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/cachefly.pcapng.out b/test/results/stats/default/cachefly.pcapng.out index 1d57172a3..5d9d59d3c 100644 --- a/test/results/stats/default/cachefly.pcapng.out +++ b/test/results/stats/default/cachefly.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/capwap.pcap.out b/test/results/stats/default/capwap.pcap.out index 5e6c2777f..1a3336849 100644 --- a/test/results/stats/default/capwap.pcap.out +++ b/test/results/stats/default/capwap.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/capwap_data.pcapng.out b/test/results/stats/default/capwap_data.pcapng.out index ab722fc3f..7447afa49 100644 --- a/test/results/stats/default/capwap_data.pcapng.out +++ b/test/results/stats/default/capwap_data.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/cassandra.pcap.out b/test/results/stats/default/cassandra.pcap.out index 7eb4dd5ac..f229be7c0 100644 --- a/test/results/stats/default/cassandra.pcap.out +++ b/test/results/stats/default/cassandra.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/check_mk_new.pcap.out b/test/results/stats/default/check_mk_new.pcap.out index c4b425d4e..eef17860d 100644 --- a/test/results/stats/default/check_mk_new.pcap.out +++ b/test/results/stats/default/check_mk_new.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/chrome.pcap.out b/test/results/stats/default/chrome.pcap.out index 99ef33d59..1831ac086 100644 --- a/test/results/stats/default/chrome.pcap.out +++ b/test/results/stats/default/chrome.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/citrix.pcap.out b/test/results/stats/default/citrix.pcap.out index 3cd1c43a9..3484016d5 100644 --- a/test/results/stats/default/citrix.pcap.out +++ b/test/results/stats/default/citrix.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/cloudflare-warp.pcap.out b/test/results/stats/default/cloudflare-warp.pcap.out index ffc831eb5..92bd5a489 100644 --- a/test/results/stats/default/cloudflare-warp.pcap.out +++ b/test/results/stats/default/cloudflare-warp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/coap_mqtt.pcap.out b/test/results/stats/default/coap_mqtt.pcap.out index 8bab0d0c5..798736b03 100644 --- a/test/results/stats/default/coap_mqtt.pcap.out +++ b/test/results/stats/default/coap_mqtt.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/collectd.pcap.out b/test/results/stats/default/collectd.pcap.out index 57949e8dc..9e74657e5 100644 --- a/test/results/stats/default/collectd.pcap.out +++ b/test/results/stats/default/collectd.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/corba.pcap.out b/test/results/stats/default/corba.pcap.out index d466b0ab6..d4614f3c2 100644 --- a/test/results/stats/default/corba.pcap.out +++ b/test/results/stats/default/corba.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/cpha.pcap.out b/test/results/stats/default/cpha.pcap.out index 6a964f15c..ac6d6bc24 100644 --- a/test/results/stats/default/cpha.pcap.out +++ b/test/results/stats/default/cpha.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/crawler_false_positive.pcapng.out b/test/results/stats/default/crawler_false_positive.pcapng.out index 73c94de51..dddbefa48 100644 --- a/test/results/stats/default/crawler_false_positive.pcapng.out +++ b/test/results/stats/default/crawler_false_positive.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/crynet.pcap.out b/test/results/stats/default/crynet.pcap.out index fbeeaf511..68e577541 100644 --- a/test/results/stats/default/crynet.pcap.out +++ b/test/results/stats/default/crynet.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/custom_rules_same-ip_multiple_ports.pcapng.out b/test/results/stats/default/custom_rules_same-ip_multiple_ports.pcapng.out index dbb0e5cb1..656c61013 100644 --- a/test/results/stats/default/custom_rules_same-ip_multiple_ports.pcapng.out +++ b/test/results/stats/default/custom_rules_same-ip_multiple_ports.pcapng.out @@ -1,23 +1,23 @@ -PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:14 -PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:10067 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:21 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:15093 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:3 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:3 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_update_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_analyse_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_guessed_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detected_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detection_update_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_not_detected_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_not_detected_count" interval=60 N:2 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_src_total_bytes" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_dst_total_bytes" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risky_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_flow_count" interval=60 N:5 +PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_flow_count" interval=60 N:8 PUTVAL "localhost/exec-nDPIsrvd/gauge-init_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-reconnect_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-shutdown_count" interval=60 N:1 -PUTVAL "localhost/exec-nDPIsrvd/gauge-status_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-status_count" interval=60 N:2 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_safe_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_acceptable_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_fun_count" interval=60 N:0 @@ -60,10 +60,10 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_allowed_site_count" interval PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_antimalware_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_crypto_currency_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_unknown_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip4_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip4_count" interval=60 N:3 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip6_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_other_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_tcp_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_tcp_count" interval=60 N:3 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_udp_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_icmp_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_other_count" interval=60 N:0 @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dazn.pcapng.out b/test/results/stats/default/dazn.pcapng.out index b59a7b6f8..8905c49d5 100644 --- a/test/results/stats/default/dazn.pcapng.out +++ b/test/results/stats/default/dazn.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dcerpc.pcap.out b/test/results/stats/default/dcerpc.pcap.out index e9db75818..a9c104060 100644 --- a/test/results/stats/default/dcerpc.pcap.out +++ b/test/results/stats/default/dcerpc.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dhcp-fuzz.pcapng.out b/test/results/stats/default/dhcp-fuzz.pcapng.out index 013fe423f..261043ce3 100644 --- a/test/results/stats/default/dhcp-fuzz.pcapng.out +++ b/test/results/stats/default/dhcp-fuzz.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/diameter.pcap.out b/test/results/stats/default/diameter.pcap.out index b00ac0625..6ffbc2482 100644 --- a/test/results/stats/default/diameter.pcap.out +++ b/test/results/stats/default/diameter.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/discord.pcap.out b/test/results/stats/default/discord.pcap.out index 3e0c86b22..634fa1111 100644 --- a/test/results/stats/default/discord.pcap.out +++ b/test/results/stats/default/discord.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/discord_mid_flow.pcap.out b/test/results/stats/default/discord_mid_flow.pcap.out index d2ea01e51..305cdbfbd 100644 --- a/test/results/stats/default/discord_mid_flow.pcap.out +++ b/test/results/stats/default/discord_mid_flow.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dlt_ppp.pcap.out b/test/results/stats/default/dlt_ppp.pcap.out index aa9058ee0..aca2f0d79 100644 --- a/test/results/stats/default/dlt_ppp.pcap.out +++ b/test/results/stats/default/dlt_ppp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dnp3.pcap.out b/test/results/stats/default/dnp3.pcap.out index 857d9fde4..c43a01cbc 100644 --- a/test/results/stats/default/dnp3.pcap.out +++ b/test/results/stats/default/dnp3.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dns-google-nsid.pcapng.out b/test/results/stats/default/dns-google-nsid.pcapng.out new file mode 100644 index 000000000..e0b07997f --- /dev/null +++ b/test/results/stats/default/dns-google-nsid.pcapng.out @@ -0,0 +1,140 @@ +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:46 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:40693 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:7 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:7 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_update_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_analyse_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_guessed_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detected_count" interval=60 N:7 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detection_update_count" interval=60 N:7 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_not_detected_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_src_total_bytes" interval=60 N:368 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_dst_total_bytes" interval=60 N:1054 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risky_count" interval=60 N:7 +PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_flow_count" interval=60 N:14 +PUTVAL "localhost/exec-nDPIsrvd/gauge-init_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-reconnect_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-shutdown_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-status_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_safe_count" interval=60 N:8 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_acceptable_count" interval=60 N:6 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_fun_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unsafe_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_potentially_dangerous_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_tracker_ads_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_dangerous_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unrated_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_media_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_vpn_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_email_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_data_transfer_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_web_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_social_network_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_download_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_game_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_chat_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_voip_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_database_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_remote_access_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_cloud_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_network_count" interval=60 N:14 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_collaborative_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_rpc_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_streaming_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_system_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_software_update_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_music_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_video_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_shopping_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_productivity_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_file_sharing_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_mining_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_malware_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_advertisment_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_banned_site_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_site_unavail_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_allowed_site_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_antimalware_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_crypto_currency_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip4_count" interval=60 N:3 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip6_count" interval=60 N:4 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_other_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_tcp_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_udp_count" interval=60 N:7 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_icmp_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_other_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_count_sum" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_0_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_1_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_2_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_3_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_4_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_5_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_7_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_8_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_9_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_10_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_11_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_12_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_13_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_14_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_15_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_16_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_1_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_2_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_3_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_4_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_5_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_7_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_8_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_9_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_10_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_11_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_12_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_13_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_14_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_15_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_16_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_17_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_18_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_19_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_20_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_21_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_22_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_23_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_24_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_25_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_26_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_27_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_28_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_29_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_30_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_31_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_32_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_33_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_34_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_35_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_36_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_37_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_38_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_39_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_40_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_41_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_42_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_43_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_44_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_45_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_46_count" interval=60 N:7 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dns-invalid-chars.pcap.out b/test/results/stats/default/dns-invalid-chars.pcap.out index bcb78c086..cc8c1ccb9 100644 --- a/test/results/stats/default/dns-invalid-chars.pcap.out +++ b/test/results/stats/default/dns-invalid-chars.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dns-tunnel-iodine.pcap.out b/test/results/stats/default/dns-tunnel-iodine.pcap.out index 26ae11f99..cdbaa0aea 100644 --- a/test/results/stats/default/dns-tunnel-iodine.pcap.out +++ b/test/results/stats/default/dns-tunnel-iodine.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dns_ambiguous_names.pcap.out b/test/results/stats/default/dns_ambiguous_names.pcap.out index 5e5cf5103..dd0518712 100644 --- a/test/results/stats/default/dns_ambiguous_names.pcap.out +++ b/test/results/stats/default/dns_ambiguous_names.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dns_doh.pcap.out b/test/results/stats/default/dns_doh.pcap.out index 778afb426..52e495af9 100644 --- a/test/results/stats/default/dns_doh.pcap.out +++ b/test/results/stats/default/dns_doh.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dns_dot.pcap.out b/test/results/stats/default/dns_dot.pcap.out index 2afc6e3b6..6e10b7719 100644 --- a/test/results/stats/default/dns_dot.pcap.out +++ b/test/results/stats/default/dns_dot.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dns_exfiltration.pcap.out b/test/results/stats/default/dns_exfiltration.pcap.out index 30b7a5191..e9dd6ee60 100644 --- a/test/results/stats/default/dns_exfiltration.pcap.out +++ b/test/results/stats/default/dns_exfiltration.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dns_fragmented.pcap.out b/test/results/stats/default/dns_fragmented.pcap.out index 202dad469..1793a4df2 100644 --- a/test/results/stats/default/dns_fragmented.pcap.out +++ b/test/results/stats/default/dns_fragmented.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dns_invert_query.pcapng.out b/test/results/stats/default/dns_invert_query.pcapng.out index a8e15361e..ecea5e6bd 100644 --- a/test/results/stats/default/dns_invert_query.pcapng.out +++ b/test/results/stats/default/dns_invert_query.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dns_long_domainname.pcap.out b/test/results/stats/default/dns_long_domainname.pcap.out index 4d27cae9e..128d090ba 100644 --- a/test/results/stats/default/dns_long_domainname.pcap.out +++ b/test/results/stats/default/dns_long_domainname.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dnscrypt-v1-and-resolver-pings.pcap.out b/test/results/stats/default/dnscrypt-v1-and-resolver-pings.pcap.out index 66e575539..fb96e445c 100644 --- a/test/results/stats/default/dnscrypt-v1-and-resolver-pings.pcap.out +++ b/test/results/stats/default/dnscrypt-v1-and-resolver-pings.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dnscrypt-v2-doh.pcap.out b/test/results/stats/default/dnscrypt-v2-doh.pcap.out index eaac567c9..f6f396bed 100644 --- a/test/results/stats/default/dnscrypt-v2-doh.pcap.out +++ b/test/results/stats/default/dnscrypt-v2-doh.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dnscrypt-v2.pcap.out b/test/results/stats/default/dnscrypt-v2.pcap.out index bb2da2fbd..93d4c26d7 100644 --- a/test/results/stats/default/dnscrypt-v2.pcap.out +++ b/test/results/stats/default/dnscrypt-v2.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dnscrypt_skype_false_positive.pcapng.out b/test/results/stats/default/dnscrypt_skype_false_positive.pcapng.out index 1f743ee7d..d9d58d118 100644 --- a/test/results/stats/default/dnscrypt_skype_false_positive.pcapng.out +++ b/test/results/stats/default/dnscrypt_skype_false_positive.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/doh.pcapng.out b/test/results/stats/default/doh.pcapng.out index fbe89312b..e1547ff7a 100644 --- a/test/results/stats/default/doh.pcapng.out +++ b/test/results/stats/default/doh.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/doq.pcapng.out b/test/results/stats/default/doq.pcapng.out index e4f94a9b3..de1e49f7c 100644 --- a/test/results/stats/default/doq.pcapng.out +++ b/test/results/stats/default/doq.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/doq_adguard.pcapng.out b/test/results/stats/default/doq_adguard.pcapng.out index 63dd6ac52..1c008dc40 100644 --- a/test/results/stats/default/doq_adguard.pcapng.out +++ b/test/results/stats/default/doq_adguard.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dos_win98_smb_netbeui.pcap.out b/test/results/stats/default/dos_win98_smb_netbeui.pcap.out index 7bb338ff1..f28b58d0f 100644 --- a/test/results/stats/default/dos_win98_smb_netbeui.pcap.out +++ b/test/results/stats/default/dos_win98_smb_netbeui.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/drda_db2.pcap.out b/test/results/stats/default/drda_db2.pcap.out index 311eddaef..626fb3b9a 100644 --- a/test/results/stats/default/drda_db2.pcap.out +++ b/test/results/stats/default/drda_db2.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dropbox.pcap.out b/test/results/stats/default/dropbox.pcap.out index abb411e35..b207d206b 100644 --- a/test/results/stats/default/dropbox.pcap.out +++ b/test/results/stats/default/dropbox.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dtls.pcap.out b/test/results/stats/default/dtls.pcap.out index 5f633a3a0..107a5fc40 100644 --- a/test/results/stats/default/dtls.pcap.out +++ b/test/results/stats/default/dtls.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dtls2.pcap.out b/test/results/stats/default/dtls2.pcap.out index 55febb263..c7bc806e9 100644 --- a/test/results/stats/default/dtls2.pcap.out +++ b/test/results/stats/default/dtls2.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dtls_certificate.pcapng.out b/test/results/stats/default/dtls_certificate.pcapng.out index 0d5ccc552..33fee7354 100644 --- a/test/results/stats/default/dtls_certificate.pcapng.out +++ b/test/results/stats/default/dtls_certificate.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dtls_certificate_fragments.pcap.out b/test/results/stats/default/dtls_certificate_fragments.pcap.out index 01c81f6a7..b1d0da571 100644 --- a/test/results/stats/default/dtls_certificate_fragments.pcap.out +++ b/test/results/stats/default/dtls_certificate_fragments.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dtls_mid_sessions.pcapng.out b/test/results/stats/default/dtls_mid_sessions.pcapng.out index fedb8456a..abba4b1d0 100644 --- a/test/results/stats/default/dtls_mid_sessions.pcapng.out +++ b/test/results/stats/default/dtls_mid_sessions.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dtls_old_version.pcapng.out b/test/results/stats/default/dtls_old_version.pcapng.out index a1fc9809b..6dbd1cb3e 100644 --- a/test/results/stats/default/dtls_old_version.pcapng.out +++ b/test/results/stats/default/dtls_old_version.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/dtls_session_id_and_coockie_both.pcap.out b/test/results/stats/default/dtls_session_id_and_coockie_both.pcap.out index a25267d18..d5544042d 100644 --- a/test/results/stats/default/dtls_session_id_and_coockie_both.pcap.out +++ b/test/results/stats/default/dtls_session_id_and_coockie_both.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/edonkey.pcap.out b/test/results/stats/default/edonkey.pcap.out index f78523213..59c142172 100644 --- a/test/results/stats/default/edonkey.pcap.out +++ b/test/results/stats/default/edonkey.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/elasticsearch.pcap.out b/test/results/stats/default/elasticsearch.pcap.out index c8464ee3e..68c8e778b 100644 --- a/test/results/stats/default/elasticsearch.pcap.out +++ b/test/results/stats/default/elasticsearch.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/emotet.pcap.out b/test/results/stats/default/emotet.pcap.out index 6d5df139e..f213bcb9b 100644 --- a/test/results/stats/default/emotet.pcap.out +++ b/test/results/stats/default/emotet.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/encrypted_sni.pcap.out b/test/results/stats/default/encrypted_sni.pcap.out index 95cd4f30b..1d58d09b5 100644 --- a/test/results/stats/default/encrypted_sni.pcap.out +++ b/test/results/stats/default/encrypted_sni.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/epicgames.pcapng.out b/test/results/stats/default/epicgames.pcapng.out index cfe815282..1e17b470d 100644 --- a/test/results/stats/default/epicgames.pcapng.out +++ b/test/results/stats/default/epicgames.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/esp.pcapng.out b/test/results/stats/default/esp.pcapng.out index f4423575d..0c232dde1 100644 --- a/test/results/stats/default/esp.pcapng.out +++ b/test/results/stats/default/esp.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ethereum.pcap.out b/test/results/stats/default/ethereum.pcap.out index c33785922..d5d1b10d0 100644 --- a/test/results/stats/default/ethereum.pcap.out +++ b/test/results/stats/default/ethereum.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ethernetIP.pcap.out b/test/results/stats/default/ethernetIP.pcap.out index aae78e423..3c0c08e24 100644 --- a/test/results/stats/default/ethernetIP.pcap.out +++ b/test/results/stats/default/ethernetIP.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/exe_download.pcap.out b/test/results/stats/default/exe_download.pcap.out index ebb68abe8..344f47c63 100644 --- a/test/results/stats/default/exe_download.pcap.out +++ b/test/results/stats/default/exe_download.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/exe_download_as_png.pcap.out b/test/results/stats/default/exe_download_as_png.pcap.out index 238d11f6e..12c8bd853 100644 --- a/test/results/stats/default/exe_download_as_png.pcap.out +++ b/test/results/stats/default/exe_download_as_png.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/facebook.pcap.out b/test/results/stats/default/facebook.pcap.out index 3aa12b526..118291bd8 100644 --- a/test/results/stats/default/facebook.pcap.out +++ b/test/results/stats/default/facebook.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/fastcgi.pcap.out b/test/results/stats/default/fastcgi.pcap.out index 69a4f30e1..31d6218a5 100644 --- a/test/results/stats/default/fastcgi.pcap.out +++ b/test/results/stats/default/fastcgi.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/firefox.pcap.out b/test/results/stats/default/firefox.pcap.out index 79b3e33b2..671870d63 100644 --- a/test/results/stats/default/firefox.pcap.out +++ b/test/results/stats/default/firefox.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/fix.pcap.out b/test/results/stats/default/fix.pcap.out index 4a70e56a5..f463cf9aa 100644 --- a/test/results/stats/default/fix.pcap.out +++ b/test/results/stats/default/fix.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/fix2.pcap.out b/test/results/stats/default/fix2.pcap.out index 3ea1015dd..2d698ced7 100644 --- a/test/results/stats/default/fix2.pcap.out +++ b/test/results/stats/default/fix2.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/forticlient.pcap.out b/test/results/stats/default/forticlient.pcap.out index e9c16b073..1bae003ae 100644 --- a/test/results/stats/default/forticlient.pcap.out +++ b/test/results/stats/default/forticlient.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ftp-start-tls.pcap.out b/test/results/stats/default/ftp-start-tls.pcap.out index f16f37cd5..85b96989e 100644 --- a/test/results/stats/default/ftp-start-tls.pcap.out +++ b/test/results/stats/default/ftp-start-tls.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ftp.pcap.out b/test/results/stats/default/ftp.pcap.out index a62f837bb..22ef33e93 100644 --- a/test/results/stats/default/ftp.pcap.out +++ b/test/results/stats/default/ftp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ftp_failed.pcap.out b/test/results/stats/default/ftp_failed.pcap.out index bc82b3ef1..483d89871 100644 --- a/test/results/stats/default/ftp_failed.pcap.out +++ b/test/results/stats/default/ftp_failed.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/fuzz-2006-06-26-2594.pcap.out b/test/results/stats/default/fuzz-2006-06-26-2594.pcap.out index ecf07ad98..c983a3314 100644 --- a/test/results/stats/default/fuzz-2006-06-26-2594.pcap.out +++ b/test/results/stats/default/fuzz-2006-06-26-2594.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/fuzz-2006-09-29-28586.pcap.out b/test/results/stats/default/fuzz-2006-09-29-28586.pcap.out index 3fbabe40b..5b72f75b6 100644 --- a/test/results/stats/default/fuzz-2006-09-29-28586.pcap.out +++ b/test/results/stats/default/fuzz-2006-09-29-28586.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/fuzz-2020-02-16-11740.pcap.out b/test/results/stats/default/fuzz-2020-02-16-11740.pcap.out index e83f3a3dd..69a881cac 100644 --- a/test/results/stats/default/fuzz-2020-02-16-11740.pcap.out +++ b/test/results/stats/default/fuzz-2020-02-16-11740.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/fuzz-2021-06-07-c6c72a0a56.pcap.out b/test/results/stats/default/fuzz-2021-06-07-c6c72a0a56.pcap.out index c04ef7e7d..6fbbcca71 100644 --- a/test/results/stats/default/fuzz-2021-06-07-c6c72a0a56.pcap.out +++ b/test/results/stats/default/fuzz-2021-06-07-c6c72a0a56.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/fuzz-2021-10-13.pcap.out b/test/results/stats/default/fuzz-2021-10-13.pcap.out index d2941fda3..707268a9a 100644 --- a/test/results/stats/default/fuzz-2021-10-13.pcap.out +++ b/test/results/stats/default/fuzz-2021-10-13.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/geforcenow.pcapng.out b/test/results/stats/default/geforcenow.pcapng.out index ef35dcaed..693776624 100644 --- a/test/results/stats/default/geforcenow.pcapng.out +++ b/test/results/stats/default/geforcenow.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/genshin-impact.pcap.out b/test/results/stats/default/genshin-impact.pcap.out index 5466f2e31..43aa7992f 100644 --- a/test/results/stats/default/genshin-impact.pcap.out +++ b/test/results/stats/default/genshin-impact.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/git.pcap.out b/test/results/stats/default/git.pcap.out index 373f5e3f3..4eda49205 100644 --- a/test/results/stats/default/git.pcap.out +++ b/test/results/stats/default/git.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/gnutella.pcap.out b/test/results/stats/default/gnutella.pcap.out index 0f4e9d04e..5364c4ca6 100644 --- a/test/results/stats/default/gnutella.pcap.out +++ b/test/results/stats/default/gnutella.pcap.out @@ -1,14 +1,14 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:6866 -PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:5968674 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:5968601 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:801 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:66 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:735 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_update_count" interval=60 N:2519 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_analyse_count" interval=60 N:6 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_guessed_count" interval=60 N:3 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_guessed_count" interval=60 N:2 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detected_count" interval=60 N:401 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detection_update_count" interval=60 N:5 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_not_detected_count" interval=60 N:397 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_not_detected_count" interval=60 N:398 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_src_total_bytes" interval=60 N:149308 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_dst_total_bytes" interval=60 N:234286 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risky_count" interval=60 N:369 @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/google_ssl.pcap.out b/test/results/stats/default/google_ssl.pcap.out index 16c386035..1b402b074 100644 --- a/test/results/stats/default/google_ssl.pcap.out +++ b/test/results/stats/default/google_ssl.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/googledns_android10.pcap.out b/test/results/stats/default/googledns_android10.pcap.out index ad2567564..3231d6ee8 100644 --- a/test/results/stats/default/googledns_android10.pcap.out +++ b/test/results/stats/default/googledns_android10.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/gquic.pcap.out b/test/results/stats/default/gquic.pcap.out index 49d9879f1..371efabba 100644 --- a/test/results/stats/default/gquic.pcap.out +++ b/test/results/stats/default/gquic.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/gtp_c.pcap.out b/test/results/stats/default/gtp_c.pcap.out index b260ece00..e3a8de3b3 100644 --- a/test/results/stats/default/gtp_c.pcap.out +++ b/test/results/stats/default/gtp_c.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/gtp_false_positive.pcapng.out b/test/results/stats/default/gtp_false_positive.pcapng.out index 27cd4dc38..b035689a9 100644 --- a/test/results/stats/default/gtp_false_positive.pcapng.out +++ b/test/results/stats/default/gtp_false_positive.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/gtp_prime.pcapng.out b/test/results/stats/default/gtp_prime.pcapng.out index 9044b5cd0..071460f40 100644 --- a/test/results/stats/default/gtp_prime.pcapng.out +++ b/test/results/stats/default/gtp_prime.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/h323-overflow.pcap.out b/test/results/stats/default/h323-overflow.pcap.out index 5989e71f2..a25bf5d0a 100644 --- a/test/results/stats/default/h323-overflow.pcap.out +++ b/test/results/stats/default/h323-overflow.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/h323.pcap.out b/test/results/stats/default/h323.pcap.out index 80e31f015..ef012f9f1 100644 --- a/test/results/stats/default/h323.pcap.out +++ b/test/results/stats/default/h323.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/heuristic_tcp_ack_payload.pcap.out b/test/results/stats/default/heuristic_tcp_ack_payload.pcap.out index da5d17668..3308130f5 100644 --- a/test/results/stats/default/heuristic_tcp_ack_payload.pcap.out +++ b/test/results/stats/default/heuristic_tcp_ack_payload.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/hots.pcapng.out b/test/results/stats/default/hots.pcapng.out index d845943b4..5043c441a 100644 --- a/test/results/stats/default/hots.pcapng.out +++ b/test/results/stats/default/hots.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/hpvirtgrp.pcap.out b/test/results/stats/default/hpvirtgrp.pcap.out index b88610f86..e2891e9f8 100644 --- a/test/results/stats/default/hpvirtgrp.pcap.out +++ b/test/results/stats/default/hpvirtgrp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/hsrp0.pcap.out b/test/results/stats/default/hsrp0.pcap.out index acacc443a..57576de16 100644 --- a/test/results/stats/default/hsrp0.pcap.out +++ b/test/results/stats/default/hsrp0.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/hsrp2.pcap.out b/test/results/stats/default/hsrp2.pcap.out index 875fc804b..2622bb3d0 100644 --- a/test/results/stats/default/hsrp2.pcap.out +++ b/test/results/stats/default/hsrp2.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/hsrp2_ipv6.pcapng.out b/test/results/stats/default/hsrp2_ipv6.pcapng.out index 87f9d28c4..c32908dfe 100644 --- a/test/results/stats/default/hsrp2_ipv6.pcapng.out +++ b/test/results/stats/default/hsrp2_ipv6.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/http-crash-content-disposition.pcap.out b/test/results/stats/default/http-crash-content-disposition.pcap.out index 4e1541968..998dabedd 100644 --- a/test/results/stats/default/http-crash-content-disposition.pcap.out +++ b/test/results/stats/default/http-crash-content-disposition.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/http-lines-split.pcap.out b/test/results/stats/default/http-lines-split.pcap.out index 891a0a012..e47fb88b5 100644 --- a/test/results/stats/default/http-lines-split.pcap.out +++ b/test/results/stats/default/http-lines-split.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/http-manipulated.pcap.out b/test/results/stats/default/http-manipulated.pcap.out index c8da9ca21..67152e3ca 100644 --- a/test/results/stats/default/http-manipulated.pcap.out +++ b/test/results/stats/default/http-manipulated.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/http-proxy.pcapng.out b/test/results/stats/default/http-proxy.pcapng.out index 1d2855779..7f364a398 100644 --- a/test/results/stats/default/http-proxy.pcapng.out +++ b/test/results/stats/default/http-proxy.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/http_asymmetric.pcapng.out b/test/results/stats/default/http_asymmetric.pcapng.out index def0cb934..41247291e 100644 --- a/test/results/stats/default/http_asymmetric.pcapng.out +++ b/test/results/stats/default/http_asymmetric.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/http_auth.pcap.out b/test/results/stats/default/http_auth.pcap.out index f1ca2a69a..36960f849 100644 --- a/test/results/stats/default/http_auth.pcap.out +++ b/test/results/stats/default/http_auth.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/http_connect.pcap.out b/test/results/stats/default/http_connect.pcap.out index 4b6f9884f..eeee7323a 100644 --- a/test/results/stats/default/http_connect.pcap.out +++ b/test/results/stats/default/http_connect.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/http_guessed_host_and_guessed.pcapng.out b/test/results/stats/default/http_guessed_host_and_guessed.pcapng.out index ab643501b..22522d164 100644 --- a/test/results/stats/default/http_guessed_host_and_guessed.pcapng.out +++ b/test/results/stats/default/http_guessed_host_and_guessed.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/http_invalid_server.pcap.out b/test/results/stats/default/http_invalid_server.pcap.out index 5d53ae40a..6a948d5df 100644 --- a/test/results/stats/default/http_invalid_server.pcap.out +++ b/test/results/stats/default/http_invalid_server.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/http_ipv6.pcap.out b/test/results/stats/default/http_ipv6.pcap.out index 6dfeb5f51..da7f263f5 100644 --- a/test/results/stats/default/http_ipv6.pcap.out +++ b/test/results/stats/default/http_ipv6.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/http_on_sip_port.pcap.out b/test/results/stats/default/http_on_sip_port.pcap.out index 07bcdadf2..289b347a3 100644 --- a/test/results/stats/default/http_on_sip_port.pcap.out +++ b/test/results/stats/default/http_on_sip_port.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/http_origin_different_than_host.pcap.out b/test/results/stats/default/http_origin_different_than_host.pcap.out index 8ec2e0e10..87481fc2c 100644 --- a/test/results/stats/default/http_origin_different_than_host.pcap.out +++ b/test/results/stats/default/http_origin_different_than_host.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/http_starting_with_reply.pcapng.out b/test/results/stats/default/http_starting_with_reply.pcapng.out index d716415a7..36b6bfa6a 100644 --- a/test/results/stats/default/http_starting_with_reply.pcapng.out +++ b/test/results/stats/default/http_starting_with_reply.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/http_ua_splitted_in_two_pkts.pcapng.out b/test/results/stats/default/http_ua_splitted_in_two_pkts.pcapng.out index 1a1b3acc3..bd22d7f1b 100644 --- a/test/results/stats/default/http_ua_splitted_in_two_pkts.pcapng.out +++ b/test/results/stats/default/http_ua_splitted_in_two_pkts.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/i3d.pcap.out b/test/results/stats/default/i3d.pcap.out index d67542690..86ec38e4a 100644 --- a/test/results/stats/default/i3d.pcap.out +++ b/test/results/stats/default/i3d.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/iax.pcap.out b/test/results/stats/default/iax.pcap.out index 49d946135..8ca65553d 100644 --- a/test/results/stats/default/iax.pcap.out +++ b/test/results/stats/default/iax.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/icmp-tunnel.pcap.out b/test/results/stats/default/icmp-tunnel.pcap.out index 168146ceb..e4c15ca5a 100644 --- a/test/results/stats/default/icmp-tunnel.pcap.out +++ b/test/results/stats/default/icmp-tunnel.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/iec60780-5-104.pcap.out b/test/results/stats/default/iec60780-5-104.pcap.out index 56871dfe7..ae6bc0719 100644 --- a/test/results/stats/default/iec60780-5-104.pcap.out +++ b/test/results/stats/default/iec60780-5-104.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/imap-starttls.pcap.out b/test/results/stats/default/imap-starttls.pcap.out index 61b693f27..b3a8b81ac 100644 --- a/test/results/stats/default/imap-starttls.pcap.out +++ b/test/results/stats/default/imap-starttls.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/imap.pcap.out b/test/results/stats/default/imap.pcap.out index 275ccbce6..fe5cfb309 100644 --- a/test/results/stats/default/imap.pcap.out +++ b/test/results/stats/default/imap.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/imaps.pcap.out b/test/results/stats/default/imaps.pcap.out index f7b6e01d5..91de389b2 100644 --- a/test/results/stats/default/imaps.pcap.out +++ b/test/results/stats/default/imaps.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/imo.pcap.out b/test/results/stats/default/imo.pcap.out index 76a451473..ebc8b0762 100644 --- a/test/results/stats/default/imo.pcap.out +++ b/test/results/stats/default/imo.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/instagram.pcap.out b/test/results/stats/default/instagram.pcap.out index ac5b1f7d2..44c7d765c 100644 --- a/test/results/stats/default/instagram.pcap.out +++ b/test/results/stats/default/instagram.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ip_fragmented_garbage.pcap.out b/test/results/stats/default/ip_fragmented_garbage.pcap.out index a480d28f9..dc7f01b4a 100644 --- a/test/results/stats/default/ip_fragmented_garbage.pcap.out +++ b/test/results/stats/default/ip_fragmented_garbage.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/iphone.pcap.out b/test/results/stats/default/iphone.pcap.out index 208807d2f..763673e93 100644 --- a/test/results/stats/default/iphone.pcap.out +++ b/test/results/stats/default/iphone.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ipp.pcap.out b/test/results/stats/default/ipp.pcap.out index a67572989..67a9e38b4 100644 --- a/test/results/stats/default/ipp.pcap.out +++ b/test/results/stats/default/ipp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ipsec_isakmp_esp.pcap.out b/test/results/stats/default/ipsec_isakmp_esp.pcap.out index e647d4a97..310361130 100644 --- a/test/results/stats/default/ipsec_isakmp_esp.pcap.out +++ b/test/results/stats/default/ipsec_isakmp_esp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ipv6_in_gtp.pcap.out b/test/results/stats/default/ipv6_in_gtp.pcap.out index 18b43fd4c..4c90eecb7 100644 --- a/test/results/stats/default/ipv6_in_gtp.pcap.out +++ b/test/results/stats/default/ipv6_in_gtp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/irc.pcap.out b/test/results/stats/default/irc.pcap.out index b43fd0ca3..bb090f141 100644 --- a/test/results/stats/default/irc.pcap.out +++ b/test/results/stats/default/irc.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ja3_lots_of_cipher_suites.pcap.out b/test/results/stats/default/ja3_lots_of_cipher_suites.pcap.out index 313b2440c..47db531ad 100644 --- a/test/results/stats/default/ja3_lots_of_cipher_suites.pcap.out +++ b/test/results/stats/default/ja3_lots_of_cipher_suites.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ja3_lots_of_cipher_suites_2_anon.pcap.out b/test/results/stats/default/ja3_lots_of_cipher_suites_2_anon.pcap.out index 699fe2479..0c13a3e28 100644 --- a/test/results/stats/default/ja3_lots_of_cipher_suites_2_anon.pcap.out +++ b/test/results/stats/default/ja3_lots_of_cipher_suites_2_anon.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/jabber.pcap.out b/test/results/stats/default/jabber.pcap.out index 925d0e12c..a59d6b78f 100644 --- a/test/results/stats/default/jabber.pcap.out +++ b/test/results/stats/default/jabber.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/kerberos-error.pcap.out b/test/results/stats/default/kerberos-error.pcap.out index a7ae00207..e67eb51d3 100644 --- a/test/results/stats/default/kerberos-error.pcap.out +++ b/test/results/stats/default/kerberos-error.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/kerberos-login.pcap.out b/test/results/stats/default/kerberos-login.pcap.out index 67253b564..894470f5c 100644 --- a/test/results/stats/default/kerberos-login.pcap.out +++ b/test/results/stats/default/kerberos-login.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/kerberos.pcap.out b/test/results/stats/default/kerberos.pcap.out index 98744da3c..b3368dfa9 100644 --- a/test/results/stats/default/kerberos.pcap.out +++ b/test/results/stats/default/kerberos.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/kerberos_fuzz.pcapng.out b/test/results/stats/default/kerberos_fuzz.pcapng.out index a3a93e5bb..a65a4aab3 100644 --- a/test/results/stats/default/kerberos_fuzz.pcapng.out +++ b/test/results/stats/default/kerberos_fuzz.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/kismet.pcap.out b/test/results/stats/default/kismet.pcap.out index c94a00935..a594abe17 100644 --- a/test/results/stats/default/kismet.pcap.out +++ b/test/results/stats/default/kismet.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/kontiki.pcap.out b/test/results/stats/default/kontiki.pcap.out index 1f12ebb50..e32e47215 100644 --- a/test/results/stats/default/kontiki.pcap.out +++ b/test/results/stats/default/kontiki.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/line.pcap.out b/test/results/stats/default/line.pcap.out index f9f02f3d1..4a4440cb5 100644 --- a/test/results/stats/default/line.pcap.out +++ b/test/results/stats/default/line.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/linecall_falsepositve.pcap.out b/test/results/stats/default/linecall_falsepositve.pcap.out index 97682e6c4..ab2be211e 100644 --- a/test/results/stats/default/linecall_falsepositve.pcap.out +++ b/test/results/stats/default/linecall_falsepositve.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/lisp_registration.pcap.out b/test/results/stats/default/lisp_registration.pcap.out index 6898901fb..d6eb24a1a 100644 --- a/test/results/stats/default/lisp_registration.pcap.out +++ b/test/results/stats/default/lisp_registration.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/log4j-webapp-exploit.pcap.out b/test/results/stats/default/log4j-webapp-exploit.pcap.out index 1296df2be..240fcba01 100644 --- a/test/results/stats/default/log4j-webapp-exploit.pcap.out +++ b/test/results/stats/default/log4j-webapp-exploit.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/long_tls_certificate.pcap.out b/test/results/stats/default/long_tls_certificate.pcap.out index 33cca7239..def93ee42 100644 --- a/test/results/stats/default/long_tls_certificate.pcap.out +++ b/test/results/stats/default/long_tls_certificate.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/lru_ipv6_caches.pcapng.out b/test/results/stats/default/lru_ipv6_caches.pcapng.out index b4e0799c7..2101e729b 100644 --- a/test/results/stats/default/lru_ipv6_caches.pcapng.out +++ b/test/results/stats/default/lru_ipv6_caches.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/malformed_dns.pcap.out b/test/results/stats/default/malformed_dns.pcap.out index 0ce524286..8634fd8fd 100644 --- a/test/results/stats/default/malformed_dns.pcap.out +++ b/test/results/stats/default/malformed_dns.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/malformed_icmp.pcap.out b/test/results/stats/default/malformed_icmp.pcap.out index 68a279b11..4635d2352 100644 --- a/test/results/stats/default/malformed_icmp.pcap.out +++ b/test/results/stats/default/malformed_icmp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/malware.pcap.out b/test/results/stats/default/malware.pcap.out index 6d9b1c2b3..6b06d1643 100644 --- a/test/results/stats/default/malware.pcap.out +++ b/test/results/stats/default/malware.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/memcached.cap.out b/test/results/stats/default/memcached.cap.out index a7c41d50c..12ed7e3fb 100644 --- a/test/results/stats/default/memcached.cap.out +++ b/test/results/stats/default/memcached.cap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/merakicloud.pcapng.out b/test/results/stats/default/merakicloud.pcapng.out index 5a2799ac5..2745fe7c7 100644 --- a/test/results/stats/default/merakicloud.pcapng.out +++ b/test/results/stats/default/merakicloud.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/mgcp.pcapng.out b/test/results/stats/default/mgcp.pcapng.out index 21791970d..835308569 100644 --- a/test/results/stats/default/mgcp.pcapng.out +++ b/test/results/stats/default/mgcp.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/modbus.pcap.out b/test/results/stats/default/modbus.pcap.out index c65affbb0..c2a576836 100644 --- a/test/results/stats/default/modbus.pcap.out +++ b/test/results/stats/default/modbus.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/monero.pcap.out b/test/results/stats/default/monero.pcap.out index 9e7bef8bc..dfee8e483 100644 --- a/test/results/stats/default/monero.pcap.out +++ b/test/results/stats/default/monero.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/mongo_false_positive.pcapng.out b/test/results/stats/default/mongo_false_positive.pcapng.out index 51c7df9c6..1d9597770 100644 --- a/test/results/stats/default/mongo_false_positive.pcapng.out +++ b/test/results/stats/default/mongo_false_positive.pcapng.out @@ -1,5 +1,5 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:11 -PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:10169 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:10296 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:0 @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/mongodb.pcap.out b/test/results/stats/default/mongodb.pcap.out index 4c9eaf401..66894832e 100644 --- a/test/results/stats/default/mongodb.pcap.out +++ b/test/results/stats/default/mongodb.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/mpeg-dash.pcap.out b/test/results/stats/default/mpeg-dash.pcap.out index f5134df43..12110230c 100644 --- a/test/results/stats/default/mpeg-dash.pcap.out +++ b/test/results/stats/default/mpeg-dash.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/mpeg.pcap.out b/test/results/stats/default/mpeg.pcap.out index 55c3ddcab..f108bcc21 100644 --- a/test/results/stats/default/mpeg.pcap.out +++ b/test/results/stats/default/mpeg.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/mpegts.pcap.out b/test/results/stats/default/mpegts.pcap.out index 555852058..221fcb9bf 100644 --- a/test/results/stats/default/mpegts.pcap.out +++ b/test/results/stats/default/mpegts.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/mqtt.pcap.out b/test/results/stats/default/mqtt.pcap.out index ca8259d83..5da6b9bc3 100644 --- a/test/results/stats/default/mqtt.pcap.out +++ b/test/results/stats/default/mqtt.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/mssql_tds.pcap.out b/test/results/stats/default/mssql_tds.pcap.out index 7d9e42e20..5ce20762e 100644 --- a/test/results/stats/default/mssql_tds.pcap.out +++ b/test/results/stats/default/mssql_tds.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/mullvad_dns.pcap.out b/test/results/stats/default/mullvad_dns.pcap.out new file mode 100644 index 000000000..1b550d15a --- /dev/null +++ b/test/results/stats/default/mullvad_dns.pcap.out @@ -0,0 +1,140 @@ +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:9 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:6980 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_update_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_analyse_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_guessed_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detected_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detection_update_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_not_detected_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_src_total_bytes" interval=60 N:56 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_dst_total_bytes" interval=60 N:74 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risky_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_flow_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-init_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-reconnect_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-shutdown_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-status_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_safe_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_acceptable_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_fun_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unsafe_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_potentially_dangerous_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_tracker_ads_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_dangerous_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unrated_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_media_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_vpn_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_email_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_data_transfer_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_web_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_social_network_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_download_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_game_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_chat_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_voip_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_database_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_remote_access_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_cloud_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_network_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_collaborative_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_rpc_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_streaming_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_system_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_software_update_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_music_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_video_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_shopping_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_productivity_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_file_sharing_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_mining_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_malware_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_advertisment_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_banned_site_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_site_unavail_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_allowed_site_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_antimalware_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_crypto_currency_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip4_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_other_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_tcp_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_udp_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_icmp_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_other_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_count_sum" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_0_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_1_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_2_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_3_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_4_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_5_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_7_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_8_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_9_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_10_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_11_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_12_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_13_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_14_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_15_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_16_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_1_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_2_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_3_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_4_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_5_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_7_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_8_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_9_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_10_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_11_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_12_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_13_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_14_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_15_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_16_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_17_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_18_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_19_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_20_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_21_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_22_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_23_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_24_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_25_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_26_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_27_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_28_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_29_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_30_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_31_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_32_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_33_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_34_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_35_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_36_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_37_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_38_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_39_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_40_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_41_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_42_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_43_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_44_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_45_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_46_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/mullvad_wireguard.pcap.out b/test/results/stats/default/mullvad_wireguard.pcap.out new file mode 100644 index 000000000..bcc3c4956 --- /dev/null +++ b/test/results/stats/default/mullvad_wireguard.pcap.out @@ -0,0 +1,140 @@ +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:11 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:8077 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_update_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_analyse_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_guessed_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detected_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detection_update_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_not_detected_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_src_total_bytes" interval=60 N:576 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_dst_total_bytes" interval=60 N:928 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risky_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_flow_count" interval=60 N:5 +PUTVAL "localhost/exec-nDPIsrvd/gauge-init_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-reconnect_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-shutdown_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-status_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_safe_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_acceptable_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_fun_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unsafe_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_potentially_dangerous_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_tracker_ads_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_dangerous_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unrated_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_media_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_vpn_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_email_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_data_transfer_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_web_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_social_network_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_download_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_game_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_chat_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_voip_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_database_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_remote_access_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_cloud_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_network_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_collaborative_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_rpc_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_streaming_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_system_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_software_update_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_music_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_video_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_shopping_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_productivity_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_file_sharing_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_mining_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_malware_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_advertisment_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_banned_site_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_site_unavail_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_allowed_site_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_antimalware_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_crypto_currency_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip4_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_other_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_tcp_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_udp_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_icmp_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_other_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_count_sum" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_0_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_1_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_2_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_3_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_4_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_5_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_7_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_8_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_9_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_10_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_11_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_12_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_13_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_14_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_15_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_16_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_1_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_2_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_3_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_4_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_5_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_7_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_8_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_9_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_10_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_11_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_12_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_13_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_14_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_15_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_16_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_17_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_18_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_19_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_20_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_21_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_22_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_23_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_24_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_25_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_26_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_27_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_28_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_29_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_30_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_31_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_32_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_33_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_34_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_35_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_36_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_37_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_38_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_39_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_40_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_41_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_42_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_43_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_44_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_45_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_46_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/munin.pcap.out b/test/results/stats/default/munin.pcap.out index 10db03fc4..c9040ec73 100644 --- a/test/results/stats/default/munin.pcap.out +++ b/test/results/stats/default/munin.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/mysql-8.pcap.out b/test/results/stats/default/mysql-8.pcap.out index f7fbd8e89..06e8a06f9 100644 --- a/test/results/stats/default/mysql-8.pcap.out +++ b/test/results/stats/default/mysql-8.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/natpmp.pcap.out b/test/results/stats/default/natpmp.pcap.out index 80af8d657..7088a4598 100644 --- a/test/results/stats/default/natpmp.pcap.out +++ b/test/results/stats/default/natpmp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/nats.pcap.out b/test/results/stats/default/nats.pcap.out index 8812357ab..83f6b2d90 100644 --- a/test/results/stats/default/nats.pcap.out +++ b/test/results/stats/default/nats.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ndpi_match_string_subprotocol__error.pcapng.out b/test/results/stats/default/ndpi_match_string_subprotocol__error.pcapng.out index 62c3ee17f..0801da66f 100644 --- a/test/results/stats/default/ndpi_match_string_subprotocol__error.pcapng.out +++ b/test/results/stats/default/ndpi_match_string_subprotocol__error.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/nest_log_sink.pcap.out b/test/results/stats/default/nest_log_sink.pcap.out index 9bc3ba796..2a7156ce4 100644 --- a/test/results/stats/default/nest_log_sink.pcap.out +++ b/test/results/stats/default/nest_log_sink.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/netbios.pcap.out b/test/results/stats/default/netbios.pcap.out index c1e7b964b..41215bb69 100644 --- a/test/results/stats/default/netbios.pcap.out +++ b/test/results/stats/default/netbios.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/netbios_wildcard_dns_query.pcap.out b/test/results/stats/default/netbios_wildcard_dns_query.pcap.out index 5d3cf7d06..3c8f7c8a6 100644 --- a/test/results/stats/default/netbios_wildcard_dns_query.pcap.out +++ b/test/results/stats/default/netbios_wildcard_dns_query.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/netflix.pcap.out b/test/results/stats/default/netflix.pcap.out index c68720238..9234fb0de 100644 --- a/test/results/stats/default/netflix.pcap.out +++ b/test/results/stats/default/netflix.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/netflow-fritz.pcap.out b/test/results/stats/default/netflow-fritz.pcap.out index b3d98169f..6f38d0ede 100644 --- a/test/results/stats/default/netflow-fritz.pcap.out +++ b/test/results/stats/default/netflow-fritz.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/netflowv9.pcap.out b/test/results/stats/default/netflowv9.pcap.out index f8a4da5c8..7eba27c2b 100644 --- a/test/results/stats/default/netflowv9.pcap.out +++ b/test/results/stats/default/netflowv9.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/nfsv2.pcap.out b/test/results/stats/default/nfsv2.pcap.out index 75024626d..00477600a 100644 --- a/test/results/stats/default/nfsv2.pcap.out +++ b/test/results/stats/default/nfsv2.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/nfsv3.pcap.out b/test/results/stats/default/nfsv3.pcap.out index 0f7a8898b..5d9c35939 100644 --- a/test/results/stats/default/nfsv3.pcap.out +++ b/test/results/stats/default/nfsv3.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/nintendo.pcap.out b/test/results/stats/default/nintendo.pcap.out index 1d9809ec8..bbe395ba0 100644 --- a/test/results/stats/default/nintendo.pcap.out +++ b/test/results/stats/default/nintendo.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/nntp.pcap.out b/test/results/stats/default/nntp.pcap.out index 7e8002978..4a0535472 100644 --- a/test/results/stats/default/nntp.pcap.out +++ b/test/results/stats/default/nntp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/no_sni.pcap.out b/test/results/stats/default/no_sni.pcap.out index d09606beb..763e45b9f 100644 --- a/test/results/stats/default/no_sni.pcap.out +++ b/test/results/stats/default/no_sni.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ocs.pcap.out b/test/results/stats/default/ocs.pcap.out index 5b0bbb598..9c8a4735c 100644 --- a/test/results/stats/default/ocs.pcap.out +++ b/test/results/stats/default/ocs.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ocsp.pcapng.out b/test/results/stats/default/ocsp.pcapng.out index 4b4535555..9cd6299b7 100644 --- a/test/results/stats/default/ocsp.pcapng.out +++ b/test/results/stats/default/ocsp.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/oicq.pcap.out b/test/results/stats/default/oicq.pcap.out index 4b69ca032..d8167edef 100644 --- a/test/results/stats/default/oicq.pcap.out +++ b/test/results/stats/default/oicq.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ookla.pcap.out b/test/results/stats/default/ookla.pcap.out index 4be5bfba7..3619ad263 100644 --- a/test/results/stats/default/ookla.pcap.out +++ b/test/results/stats/default/ookla.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/openvpn.pcap.out b/test/results/stats/default/openvpn.pcap.out index a834df883..c0aedfd19 100644 --- a/test/results/stats/default/openvpn.pcap.out +++ b/test/results/stats/default/openvpn.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/oracle12.pcapng.out b/test/results/stats/default/oracle12.pcapng.out index fbb77c950..ade611b0a 100644 --- a/test/results/stats/default/oracle12.pcapng.out +++ b/test/results/stats/default/oracle12.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/os_detected.pcapng.out b/test/results/stats/default/os_detected.pcapng.out index 76be04755..abc9d687a 100644 --- a/test/results/stats/default/os_detected.pcapng.out +++ b/test/results/stats/default/os_detected.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ospfv2_add_new_prefix.pcap.out b/test/results/stats/default/ospfv2_add_new_prefix.pcap.out index fe19945aa..1b6cffde4 100644 --- a/test/results/stats/default/ospfv2_add_new_prefix.pcap.out +++ b/test/results/stats/default/ospfv2_add_new_prefix.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ossfuzz_seed_fake_traces_1.pcapng.out b/test/results/stats/default/ossfuzz_seed_fake_traces_1.pcapng.out index 889be14a6..9d234007e 100644 --- a/test/results/stats/default/ossfuzz_seed_fake_traces_1.pcapng.out +++ b/test/results/stats/default/ossfuzz_seed_fake_traces_1.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:6 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ossfuzz_seed_fake_traces_2.pcapng.out b/test/results/stats/default/ossfuzz_seed_fake_traces_2.pcapng.out index 9d095d35d..7c41a3851 100644 --- a/test/results/stats/default/ossfuzz_seed_fake_traces_2.pcapng.out +++ b/test/results/stats/default/ossfuzz_seed_fake_traces_2.pcapng.out @@ -1,25 +1,25 @@ -PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:30 -PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:22081 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:4 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:39 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:28359 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:5 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:4 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_update_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_analyse_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_guessed_count" interval=60 N:1 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detected_count" interval=60 N:3 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detected_count" interval=60 N:4 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detection_update_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_not_detected_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_src_total_bytes" interval=60 N:323 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_dst_total_bytes" interval=60 N:376 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_src_total_bytes" interval=60 N:479 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_dst_total_bytes" interval=60 N:441 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risky_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_flow_count" interval=60 N:14 +PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_flow_count" interval=60 N:19 PUTVAL "localhost/exec-nDPIsrvd/gauge-init_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-reconnect_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-shutdown_count" interval=60 N:1 -PUTVAL "localhost/exec-nDPIsrvd/gauge-status_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-status_count" interval=60 N:3 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_safe_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_acceptable_count" interval=60 N:3 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_acceptable_count" interval=60 N:4 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_fun_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unsafe_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_potentially_dangerous_count" interval=60 N:0 @@ -37,7 +37,7 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_download_count" interval=60 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_game_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_chat_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_voip_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_database_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_database_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_remote_access_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_cloud_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_network_count" interval=60 N:0 @@ -60,10 +60,10 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_allowed_site_count" interval PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_antimalware_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_crypto_currency_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_unknown_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip4_count" interval=60 N:4 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip4_count" interval=60 N:5 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip6_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_other_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_tcp_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_tcp_count" interval=60 N:3 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_udp_count" interval=60 N:2 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_icmp_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_other_count" interval=60 N:0 @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ossfuzz_seed_fake_traces_3.pcapng.out b/test/results/stats/default/ossfuzz_seed_fake_traces_3.pcapng.out index 028d5eba2..851cfd44f 100644 --- a/test/results/stats/default/ossfuzz_seed_fake_traces_3.pcapng.out +++ b/test/results/stats/default/ossfuzz_seed_fake_traces_3.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ossfuzz_seed_fake_traces_4.pcapng.out b/test/results/stats/default/ossfuzz_seed_fake_traces_4.pcapng.out index 49ad8d235..9da92e476 100644 --- a/test/results/stats/default/ossfuzz_seed_fake_traces_4.pcapng.out +++ b/test/results/stats/default/ossfuzz_seed_fake_traces_4.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/pgm.pcap.out b/test/results/stats/default/pgm.pcap.out index d0916b607..ce5410215 100644 --- a/test/results/stats/default/pgm.pcap.out +++ b/test/results/stats/default/pgm.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/pgsql.pcap.out b/test/results/stats/default/pgsql.pcap.out index bd594e04b..ed7de5ef3 100644 --- a/test/results/stats/default/pgsql.pcap.out +++ b/test/results/stats/default/pgsql.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/pim.pcap.out b/test/results/stats/default/pim.pcap.out index 77e6ec256..104f471a0 100644 --- a/test/results/stats/default/pim.pcap.out +++ b/test/results/stats/default/pim.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/pinterest.pcap.out b/test/results/stats/default/pinterest.pcap.out index 2dbefcdf6..17866ebcf 100644 --- a/test/results/stats/default/pinterest.pcap.out +++ b/test/results/stats/default/pinterest.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/pluralsight.pcap.out b/test/results/stats/default/pluralsight.pcap.out index fbcdc1431..465e011e6 100644 --- a/test/results/stats/default/pluralsight.pcap.out +++ b/test/results/stats/default/pluralsight.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/pop3.pcap.out b/test/results/stats/default/pop3.pcap.out index f717a52c4..b47a2b566 100644 --- a/test/results/stats/default/pop3.pcap.out +++ b/test/results/stats/default/pop3.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/pop3_stls.pcap.out b/test/results/stats/default/pop3_stls.pcap.out index 3bcd2f6ca..13e509e27 100644 --- a/test/results/stats/default/pop3_stls.pcap.out +++ b/test/results/stats/default/pop3_stls.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/pops.pcapng.out b/test/results/stats/default/pops.pcapng.out index 53aa8d858..5115487e3 100644 --- a/test/results/stats/default/pops.pcapng.out +++ b/test/results/stats/default/pops.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/pps.pcap.out b/test/results/stats/default/pps.pcap.out index 5082850ad..25a4a2851 100644 --- a/test/results/stats/default/pps.pcap.out +++ b/test/results/stats/default/pps.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:3 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/pptp.pcap.out b/test/results/stats/default/pptp.pcap.out index ce4ed44ea..cec201aab 100644 --- a/test/results/stats/default/pptp.pcap.out +++ b/test/results/stats/default/pptp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/protonvpn.pcap.out b/test/results/stats/default/protonvpn.pcap.out index 5992ab131..46043cc8b 100644 --- a/test/results/stats/default/protonvpn.pcap.out +++ b/test/results/stats/default/protonvpn.pcap.out @@ -1,11 +1,11 @@ -PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:20 -PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:15365 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:25 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:19266 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:3 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:3 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_update_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_analyse_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_guessed_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_guessed_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detected_count" interval=60 N:2 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detection_update_count" interval=60 N:2 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_not_detected_count" interval=60 N:0 @@ -13,11 +13,11 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_src_total_bytes" interval=60 N:1624 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_dst_total_bytes" interval=60 N:6451 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risky_count" interval=60 N:2 PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_flow_count" interval=60 N:10 +PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_flow_count" interval=60 N:11 PUTVAL "localhost/exec-nDPIsrvd/gauge-init_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-reconnect_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-shutdown_count" interval=60 N:1 -PUTVAL "localhost/exec-nDPIsrvd/gauge-status_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-status_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_safe_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_acceptable_count" interval=60 N:4 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_fun_count" interval=60 N:0 @@ -60,10 +60,10 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_allowed_site_count" interval PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_antimalware_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_crypto_currency_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_unknown_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip4_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip4_count" interval=60 N:3 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip6_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_other_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_tcp_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_tcp_count" interval=60 N:2 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_udp_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_icmp_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_other_count" interval=60 N:0 @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/psiphon3.pcap.out b/test/results/stats/default/psiphon3.pcap.out index b0986b352..b735fa6fd 100644 --- a/test/results/stats/default/psiphon3.pcap.out +++ b/test/results/stats/default/psiphon3.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/punycode-idn.pcap.out b/test/results/stats/default/punycode-idn.pcap.out index eee98580a..143b39c8c 100644 --- a/test/results/stats/default/punycode-idn.pcap.out +++ b/test/results/stats/default/punycode-idn.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic-23.pcap.out b/test/results/stats/default/quic-23.pcap.out index a36b65833..b95d0d592 100644 --- a/test/results/stats/default/quic-23.pcap.out +++ b/test/results/stats/default/quic-23.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic-24.pcap.out b/test/results/stats/default/quic-24.pcap.out index a8be176f0..676f23eda 100644 --- a/test/results/stats/default/quic-24.pcap.out +++ b/test/results/stats/default/quic-24.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic-27.pcap.out b/test/results/stats/default/quic-27.pcap.out index b187597a7..a41e4eb2d 100644 --- a/test/results/stats/default/quic-27.pcap.out +++ b/test/results/stats/default/quic-27.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic-28.pcap.out b/test/results/stats/default/quic-28.pcap.out index 5197cebbd..be3f5ea7e 100644 --- a/test/results/stats/default/quic-28.pcap.out +++ b/test/results/stats/default/quic-28.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic-29.pcap.out b/test/results/stats/default/quic-29.pcap.out index 93184b6d8..dc9a3cae6 100644 --- a/test/results/stats/default/quic-29.pcap.out +++ b/test/results/stats/default/quic-29.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic-33.pcapng.out b/test/results/stats/default/quic-33.pcapng.out index c2d3b35d6..b2ba5254c 100644 --- a/test/results/stats/default/quic-33.pcapng.out +++ b/test/results/stats/default/quic-33.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic-34.pcap.out b/test/results/stats/default/quic-34.pcap.out index b9e023f07..73fa83ced 100644 --- a/test/results/stats/default/quic-34.pcap.out +++ b/test/results/stats/default/quic-34.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic-forcing-vn-with-data.pcapng.out b/test/results/stats/default/quic-forcing-vn-with-data.pcapng.out index 7a086dc4e..1dc355cd1 100644 --- a/test/results/stats/default/quic-forcing-vn-with-data.pcapng.out +++ b/test/results/stats/default/quic-forcing-vn-with-data.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic-fuzz-overflow.pcapng.out b/test/results/stats/default/quic-fuzz-overflow.pcapng.out index c8553fa93..cf895d07a 100644 --- a/test/results/stats/default/quic-fuzz-overflow.pcapng.out +++ b/test/results/stats/default/quic-fuzz-overflow.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic-mvfst-22.pcap.out b/test/results/stats/default/quic-mvfst-22.pcap.out index 4222e5386..9bcb770af 100644 --- a/test/results/stats/default/quic-mvfst-22.pcap.out +++ b/test/results/stats/default/quic-mvfst-22.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic-mvfst-22_decryption_error.pcap.out b/test/results/stats/default/quic-mvfst-22_decryption_error.pcap.out index e090b58ed..21538d585 100644 --- a/test/results/stats/default/quic-mvfst-22_decryption_error.pcap.out +++ b/test/results/stats/default/quic-mvfst-22_decryption_error.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic-mvfst-27.pcapng.out b/test/results/stats/default/quic-mvfst-27.pcapng.out index 10f46281d..1cea18905 100644 --- a/test/results/stats/default/quic-mvfst-27.pcapng.out +++ b/test/results/stats/default/quic-mvfst-27.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic-mvfst-exp.pcap.out b/test/results/stats/default/quic-mvfst-exp.pcap.out index 97c107c53..3d72e4176 100644 --- a/test/results/stats/default/quic-mvfst-exp.pcap.out +++ b/test/results/stats/default/quic-mvfst-exp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic-v2.pcapng.out b/test/results/stats/default/quic-v2.pcapng.out index 27e6702a0..9a04cc943 100644 --- a/test/results/stats/default/quic-v2.pcapng.out +++ b/test/results/stats/default/quic-v2.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic.pcap.out b/test/results/stats/default/quic.pcap.out index 6232e43ee..0601c3a0b 100644 --- a/test/results/stats/default/quic.pcap.out +++ b/test/results/stats/default/quic.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic046.pcap.out b/test/results/stats/default/quic046.pcap.out index da5d26dd0..2ce1cec96 100644 --- a/test/results/stats/default/quic046.pcap.out +++ b/test/results/stats/default/quic046.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic_0RTT.pcap.out b/test/results/stats/default/quic_0RTT.pcap.out index 9c1e4a28a..bd49a72eb 100644 --- a/test/results/stats/default/quic_0RTT.pcap.out +++ b/test/results/stats/default/quic_0RTT.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic_cc_ack.pcapng.out b/test/results/stats/default/quic_cc_ack.pcapng.out index 4344974f1..2bd914c41 100644 --- a/test/results/stats/default/quic_cc_ack.pcapng.out +++ b/test/results/stats/default/quic_cc_ack.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic_crypto_aes_auth_size.pcap.out b/test/results/stats/default/quic_crypto_aes_auth_size.pcap.out index f5e74be39..e5722a488 100644 --- a/test/results/stats/default/quic_crypto_aes_auth_size.pcap.out +++ b/test/results/stats/default/quic_crypto_aes_auth_size.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic_frags_ch_in_multiple_packets.pcapng.out b/test/results/stats/default/quic_frags_ch_in_multiple_packets.pcapng.out index 41c6db2d8..0562b53ef 100644 --- a/test/results/stats/default/quic_frags_ch_in_multiple_packets.pcapng.out +++ b/test/results/stats/default/quic_frags_ch_in_multiple_packets.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic_frags_ch_out_of_order_same_packet_craziness.pcapng.out b/test/results/stats/default/quic_frags_ch_out_of_order_same_packet_craziness.pcapng.out index 3abb0741e..5880ac066 100644 --- a/test/results/stats/default/quic_frags_ch_out_of_order_same_packet_craziness.pcapng.out +++ b/test/results/stats/default/quic_frags_ch_out_of_order_same_packet_craziness.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic_interop_V.pcapng.out b/test/results/stats/default/quic_interop_V.pcapng.out index 46f28d6e8..92d751f50 100644 --- a/test/results/stats/default/quic_interop_V.pcapng.out +++ b/test/results/stats/default/quic_interop_V.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic_q39.pcap.out b/test/results/stats/default/quic_q39.pcap.out index 1e9ca4618..6997025c5 100644 --- a/test/results/stats/default/quic_q39.pcap.out +++ b/test/results/stats/default/quic_q39.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic_q43.pcap.out b/test/results/stats/default/quic_q43.pcap.out index f37c4d6e1..82d1a12fc 100644 --- a/test/results/stats/default/quic_q43.pcap.out +++ b/test/results/stats/default/quic_q43.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic_q46.pcap.out b/test/results/stats/default/quic_q46.pcap.out index 982f13a63..863f4ad12 100644 --- a/test/results/stats/default/quic_q46.pcap.out +++ b/test/results/stats/default/quic_q46.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic_q46_b.pcap.out b/test/results/stats/default/quic_q46_b.pcap.out index 7a096caa5..2184e0a25 100644 --- a/test/results/stats/default/quic_q46_b.pcap.out +++ b/test/results/stats/default/quic_q46_b.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic_q50.pcap.out b/test/results/stats/default/quic_q50.pcap.out index 3007506e1..2ec9056b8 100644 --- a/test/results/stats/default/quic_q50.pcap.out +++ b/test/results/stats/default/quic_q50.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic_t50.pcap.out b/test/results/stats/default/quic_t50.pcap.out index ce433d7d7..55c4fc4fc 100644 --- a/test/results/stats/default/quic_t50.pcap.out +++ b/test/results/stats/default/quic_t50.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quic_t51.pcap.out b/test/results/stats/default/quic_t51.pcap.out index 8e3c8fabb..dbb4fbeae 100644 --- a/test/results/stats/default/quic_t51.pcap.out +++ b/test/results/stats/default/quic_t51.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/quickplay.pcap.out b/test/results/stats/default/quickplay.pcap.out index fb366e82d..59e77f319 100644 --- a/test/results/stats/default/quickplay.pcap.out +++ b/test/results/stats/default/quickplay.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/radius_false_positive.pcapng.out b/test/results/stats/default/radius_false_positive.pcapng.out index 75ed23a3a..9559243b9 100644 --- a/test/results/stats/default/radius_false_positive.pcapng.out +++ b/test/results/stats/default/radius_false_positive.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/raknet.pcap.out b/test/results/stats/default/raknet.pcap.out index 6333bde0e..5643a14c4 100644 --- a/test/results/stats/default/raknet.pcap.out +++ b/test/results/stats/default/raknet.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/rdp.pcap.out b/test/results/stats/default/rdp.pcap.out index 3bcaf15ba..86efc37b1 100644 --- a/test/results/stats/default/rdp.pcap.out +++ b/test/results/stats/default/rdp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/rdp2.pcap.out b/test/results/stats/default/rdp2.pcap.out index 65367dce0..08b06a0f4 100644 --- a/test/results/stats/default/rdp2.pcap.out +++ b/test/results/stats/default/rdp2.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/reasm_crash_anon.pcapng.out b/test/results/stats/default/reasm_crash_anon.pcapng.out index fd1feb6c6..9e0d11332 100644 --- a/test/results/stats/default/reasm_crash_anon.pcapng.out +++ b/test/results/stats/default/reasm_crash_anon.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/reasm_segv_anon.pcapng.out b/test/results/stats/default/reasm_segv_anon.pcapng.out index 420758c7c..66b1bbe05 100644 --- a/test/results/stats/default/reasm_segv_anon.pcapng.out +++ b/test/results/stats/default/reasm_segv_anon.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/reddit.pcap.out b/test/results/stats/default/reddit.pcap.out index 58aafbec4..d6ee62ea4 100644 --- a/test/results/stats/default/reddit.pcap.out +++ b/test/results/stats/default/reddit.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/riot.pcapng.out b/test/results/stats/default/riot.pcapng.out index 8897512bd..503d74a5b 100644 --- a/test/results/stats/default/riot.pcapng.out +++ b/test/results/stats/default/riot.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/riotgames.pcap.out b/test/results/stats/default/riotgames.pcap.out index 19185297c..26e334bc7 100644 --- a/test/results/stats/default/riotgames.pcap.out +++ b/test/results/stats/default/riotgames.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/roblox.pcapng.out b/test/results/stats/default/roblox.pcapng.out index 7ce4ff2a5..682e5d846 100644 --- a/test/results/stats/default/roblox.pcapng.out +++ b/test/results/stats/default/roblox.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/rsh-syslog-false-positive.pcap.out b/test/results/stats/default/rsh-syslog-false-positive.pcap.out index b674ac2a6..539ef3db5 100644 --- a/test/results/stats/default/rsh-syslog-false-positive.pcap.out +++ b/test/results/stats/default/rsh-syslog-false-positive.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/rsh.pcap.out b/test/results/stats/default/rsh.pcap.out index a5ff8785c..2b31632b3 100644 --- a/test/results/stats/default/rsh.pcap.out +++ b/test/results/stats/default/rsh.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/rsync.pcap.out b/test/results/stats/default/rsync.pcap.out index 3e9dec73f..dfb0d3f11 100644 --- a/test/results/stats/default/rsync.pcap.out +++ b/test/results/stats/default/rsync.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/rtcp_multiple_pkts_in_the_same_datagram.pcap.out b/test/results/stats/default/rtcp_multiple_pkts_in_the_same_datagram.pcap.out index e14d55dc1..c8c34f05b 100644 --- a/test/results/stats/default/rtcp_multiple_pkts_in_the_same_datagram.pcap.out +++ b/test/results/stats/default/rtcp_multiple_pkts_in_the_same_datagram.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/rtmp.pcap.out b/test/results/stats/default/rtmp.pcap.out index c3cbb7ad5..bb0a2525b 100644 --- a/test/results/stats/default/rtmp.pcap.out +++ b/test/results/stats/default/rtmp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/rtp.pcapng.out b/test/results/stats/default/rtp.pcapng.out index 5b2423938..a4cc952c3 100644 --- a/test/results/stats/default/rtp.pcapng.out +++ b/test/results/stats/default/rtp.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/rtsp.pcap.out b/test/results/stats/default/rtsp.pcap.out index b6dfdfc61..60575aeb0 100644 --- a/test/results/stats/default/rtsp.pcap.out +++ b/test/results/stats/default/rtsp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/rtsp_setup_http.pcapng.out b/test/results/stats/default/rtsp_setup_http.pcapng.out index 5ce52d12f..d132e410d 100644 --- a/test/results/stats/default/rtsp_setup_http.pcapng.out +++ b/test/results/stats/default/rtsp_setup_http.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/rx.pcap.out b/test/results/stats/default/rx.pcap.out index 6ab3d8f7b..17e68aa8c 100644 --- a/test/results/stats/default/rx.pcap.out +++ b/test/results/stats/default/rx.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/s7comm.pcap.out b/test/results/stats/default/s7comm.pcap.out index a7a8997ee..420ae4062 100644 --- a/test/results/stats/default/s7comm.pcap.out +++ b/test/results/stats/default/s7comm.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/safari.pcap.out b/test/results/stats/default/safari.pcap.out index 17699bb9c..5b4a55018 100644 --- a/test/results/stats/default/safari.pcap.out +++ b/test/results/stats/default/safari.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/salesforce.pcap.out b/test/results/stats/default/salesforce.pcap.out index 695fa64e2..b827b5c91 100644 --- a/test/results/stats/default/salesforce.pcap.out +++ b/test/results/stats/default/salesforce.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/sccp_hw_conf_register.pcapng.out b/test/results/stats/default/sccp_hw_conf_register.pcapng.out index 4fe9cb1c2..c8e0dd842 100644 --- a/test/results/stats/default/sccp_hw_conf_register.pcapng.out +++ b/test/results/stats/default/sccp_hw_conf_register.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/sctp.cap.out b/test/results/stats/default/sctp.cap.out index cb7e72852..18f02daf3 100644 --- a/test/results/stats/default/sctp.cap.out +++ b/test/results/stats/default/sctp.cap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/selfsigned.pcap.out b/test/results/stats/default/selfsigned.pcap.out index ce117a53f..c7961dcbc 100644 --- a/test/results/stats/default/selfsigned.pcap.out +++ b/test/results/stats/default/selfsigned.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/sflow.pcap.out b/test/results/stats/default/sflow.pcap.out index 18c471c5c..47d3881f3 100644 --- a/test/results/stats/default/sflow.pcap.out +++ b/test/results/stats/default/sflow.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/shadowsocks.pcap.out b/test/results/stats/default/shadowsocks.pcap.out new file mode 100644 index 000000000..ae0991e88 --- /dev/null +++ b/test/results/stats/default/shadowsocks.pcap.out @@ -0,0 +1,140 @@ +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:19 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:12740 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_update_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_analyse_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_guessed_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detected_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detection_update_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_not_detected_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_src_total_bytes" interval=60 N:201 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_dst_total_bytes" interval=60 N:134662 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risky_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_flow_count" interval=60 N:10 +PUTVAL "localhost/exec-nDPIsrvd/gauge-init_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-reconnect_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-shutdown_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-status_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_safe_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_acceptable_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_fun_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unsafe_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_potentially_dangerous_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_tracker_ads_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_dangerous_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unrated_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_media_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_vpn_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_email_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_data_transfer_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_web_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_social_network_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_download_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_game_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_chat_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_voip_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_database_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_remote_access_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_cloud_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_network_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_collaborative_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_rpc_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_streaming_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_system_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_software_update_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_music_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_video_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_shopping_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_productivity_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_file_sharing_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_mining_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_malware_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_advertisment_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_banned_site_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_site_unavail_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_allowed_site_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_antimalware_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_crypto_currency_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip4_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_other_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_tcp_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_udp_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_icmp_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_other_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_count_sum" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_0_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_1_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_2_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_3_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_4_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_5_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_7_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_8_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_9_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_10_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_11_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_12_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_13_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_14_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_15_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_16_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_1_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_2_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_3_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_4_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_5_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_7_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_8_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_9_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_10_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_11_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_12_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_13_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_14_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_15_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_16_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_17_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_18_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_19_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_20_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_21_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_22_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_23_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_24_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_25_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_26_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_27_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_28_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_29_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_30_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_31_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_32_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_33_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_34_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_35_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_36_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_37_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_38_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_39_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_40_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_41_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_42_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_43_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_44_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_45_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_46_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/signal.pcap.out b/test/results/stats/default/signal.pcap.out index 8b0a95960..36392bb30 100644 --- a/test/results/stats/default/signal.pcap.out +++ b/test/results/stats/default/signal.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/simple-dnscrypt.pcap.out b/test/results/stats/default/simple-dnscrypt.pcap.out index 916ce8919..6f555486b 100644 --- a/test/results/stats/default/simple-dnscrypt.pcap.out +++ b/test/results/stats/default/simple-dnscrypt.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/sip.pcap.out b/test/results/stats/default/sip.pcap.out index 0829b89cb..5066e5cf1 100644 --- a/test/results/stats/default/sip.pcap.out +++ b/test/results/stats/default/sip.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/sip_hello.pcapng.out b/test/results/stats/default/sip_hello.pcapng.out index 467da29b9..912a07a74 100644 --- a/test/results/stats/default/sip_hello.pcapng.out +++ b/test/results/stats/default/sip_hello.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/sites.pcapng.out b/test/results/stats/default/sites.pcapng.out index 7e6c4caf3..72354a0cf 100644 --- a/test/results/stats/default/sites.pcapng.out +++ b/test/results/stats/default/sites.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/skinny.pcap.out b/test/results/stats/default/skinny.pcap.out index 2d5234f25..33e3e252a 100644 --- a/test/results/stats/default/skinny.pcap.out +++ b/test/results/stats/default/skinny.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/skype-conference-call.pcap.out b/test/results/stats/default/skype-conference-call.pcap.out index 4d3b7551e..7192e74d1 100644 --- a/test/results/stats/default/skype-conference-call.pcap.out +++ b/test/results/stats/default/skype-conference-call.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/skype.pcap.out b/test/results/stats/default/skype.pcap.out index 2ce62389a..7fb85264b 100644 --- a/test/results/stats/default/skype.pcap.out +++ b/test/results/stats/default/skype.pcap.out @@ -1,5 +1,5 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:2126 -PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:1795738 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:1802469 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:293 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:92 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:201 @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/skype_no_unknown.pcap.out b/test/results/stats/default/skype_no_unknown.pcap.out index d2bd431d6..64abec9c3 100644 --- a/test/results/stats/default/skype_no_unknown.pcap.out +++ b/test/results/stats/default/skype_no_unknown.pcap.out @@ -1,5 +1,5 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:1584 -PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:1303496 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:1308322 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:267 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:61 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:206 @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/skype_udp.pcap.out b/test/results/stats/default/skype_udp.pcap.out index 3dac6d05f..f1a55d76e 100644 --- a/test/results/stats/default/skype_udp.pcap.out +++ b/test/results/stats/default/skype_udp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/smb_deletefile.pcap.out b/test/results/stats/default/smb_deletefile.pcap.out index cb2bcbe88..7741f8d9c 100644 --- a/test/results/stats/default/smb_deletefile.pcap.out +++ b/test/results/stats/default/smb_deletefile.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/smb_frags.pcap.out b/test/results/stats/default/smb_frags.pcap.out index 7d84eef5c..ae19b8c00 100644 --- a/test/results/stats/default/smb_frags.pcap.out +++ b/test/results/stats/default/smb_frags.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/smbv1.pcap.out b/test/results/stats/default/smbv1.pcap.out index 4c3e2b485..aa1c012bd 100644 --- a/test/results/stats/default/smbv1.pcap.out +++ b/test/results/stats/default/smbv1.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/smpp_in_general.pcap.out b/test/results/stats/default/smpp_in_general.pcap.out index 680fd63f8..332f4f316 100644 --- a/test/results/stats/default/smpp_in_general.pcap.out +++ b/test/results/stats/default/smpp_in_general.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/smtp-starttls.pcap.out b/test/results/stats/default/smtp-starttls.pcap.out index 9ef8fd4c9..2e60398b0 100644 --- a/test/results/stats/default/smtp-starttls.pcap.out +++ b/test/results/stats/default/smtp-starttls.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/smtp.pcap.out b/test/results/stats/default/smtp.pcap.out index 29bd3ca3c..87e334335 100644 --- a/test/results/stats/default/smtp.pcap.out +++ b/test/results/stats/default/smtp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/smtps.pcapng.out b/test/results/stats/default/smtps.pcapng.out index c36992921..c502a006b 100644 --- a/test/results/stats/default/smtps.pcapng.out +++ b/test/results/stats/default/smtps.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/snapchat.pcap.out b/test/results/stats/default/snapchat.pcap.out index ab7a13f32..2b04702bb 100644 --- a/test/results/stats/default/snapchat.pcap.out +++ b/test/results/stats/default/snapchat.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/snapchat_call.pcapng.out b/test/results/stats/default/snapchat_call.pcapng.out index cdbecf2b2..525db4217 100644 --- a/test/results/stats/default/snapchat_call.pcapng.out +++ b/test/results/stats/default/snapchat_call.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/snapchat_call_v1.pcapng.out b/test/results/stats/default/snapchat_call_v1.pcapng.out index e5045bdca..dcef83205 100644 --- a/test/results/stats/default/snapchat_call_v1.pcapng.out +++ b/test/results/stats/default/snapchat_call_v1.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/snmp.pcap.out b/test/results/stats/default/snmp.pcap.out index 2fba81428..5a9653f2a 100644 --- a/test/results/stats/default/snmp.pcap.out +++ b/test/results/stats/default/snmp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/soap.pcap.out b/test/results/stats/default/soap.pcap.out index a24b84a75..20d31a5e4 100644 --- a/test/results/stats/default/soap.pcap.out +++ b/test/results/stats/default/soap.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/socks.pcap.out b/test/results/stats/default/socks.pcap.out index 32a73da87..dc8caeaa5 100644 --- a/test/results/stats/default/socks.pcap.out +++ b/test/results/stats/default/socks.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/softether.pcap.out b/test/results/stats/default/softether.pcap.out index 92608b2e7..4a56e28ba 100644 --- a/test/results/stats/default/softether.pcap.out +++ b/test/results/stats/default/softether.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/someip-tp.pcap.out b/test/results/stats/default/someip-tp.pcap.out index 68c935675..333879739 100644 --- a/test/results/stats/default/someip-tp.pcap.out +++ b/test/results/stats/default/someip-tp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/someip-udp-method-call.pcapng.out b/test/results/stats/default/someip-udp-method-call.pcapng.out index d6289dfb6..cc9016efb 100644 --- a/test/results/stats/default/someip-udp-method-call.pcapng.out +++ b/test/results/stats/default/someip-udp-method-call.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/someip_sd_sample.pcap.out b/test/results/stats/default/someip_sd_sample.pcap.out index ff4c19876..ba63e4cfc 100644 --- a/test/results/stats/default/someip_sd_sample.pcap.out +++ b/test/results/stats/default/someip_sd_sample.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/source_engine.pcap.out b/test/results/stats/default/source_engine.pcap.out index 0ccedaef2..1531d6a53 100644 --- a/test/results/stats/default/source_engine.pcap.out +++ b/test/results/stats/default/source_engine.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/sql_injection.pcap.out b/test/results/stats/default/sql_injection.pcap.out index 35e99ef58..bff04dfdd 100644 --- a/test/results/stats/default/sql_injection.pcap.out +++ b/test/results/stats/default/sql_injection.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/srvloc-v1.pcapng.out b/test/results/stats/default/srvloc-v1.pcapng.out new file mode 100644 index 000000000..5110e01fc --- /dev/null +++ b/test/results/stats/default/srvloc-v1.pcapng.out @@ -0,0 +1,140 @@ +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:11 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:9290 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_update_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_analyse_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_guessed_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detected_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detection_update_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_not_detected_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_src_total_bytes" interval=60 N:406 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_dst_total_bytes" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risky_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_flow_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-init_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-reconnect_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-shutdown_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-status_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_safe_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_acceptable_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_fun_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unsafe_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_potentially_dangerous_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_tracker_ads_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_dangerous_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unrated_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_media_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_vpn_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_email_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_data_transfer_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_web_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_social_network_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_download_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_game_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_chat_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_voip_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_database_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_remote_access_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_cloud_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_network_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_collaborative_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_rpc_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_streaming_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_system_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_software_update_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_music_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_video_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_shopping_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_productivity_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_file_sharing_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_mining_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_malware_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_advertisment_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_banned_site_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_site_unavail_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_allowed_site_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_antimalware_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_crypto_currency_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip4_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_other_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_tcp_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_udp_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_icmp_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_other_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_count_sum" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_0_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_1_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_2_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_3_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_4_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_5_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_7_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_8_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_9_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_10_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_11_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_12_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_13_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_14_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_15_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_16_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_1_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_2_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_3_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_4_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_5_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_7_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_8_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_9_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_10_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_11_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_12_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_13_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_14_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_15_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_16_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_17_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_18_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_19_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_20_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_21_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_22_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_23_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_24_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_25_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_26_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_27_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_28_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_29_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_30_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_31_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_32_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_33_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_34_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_35_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_36_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_37_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_38_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_39_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_40_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_41_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_42_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_43_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_44_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_45_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_46_count" interval=60 N:2 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/srvloc.pcap.out b/test/results/stats/default/srvloc.pcap.out new file mode 100644 index 000000000..bf616f11f --- /dev/null +++ b/test/results/stats/default/srvloc.pcap.out @@ -0,0 +1,140 @@ +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:3001 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:2585620 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:621 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:621 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_update_count" interval=60 N:103 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_analyse_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_guessed_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detected_count" interval=60 N:621 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detection_update_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_not_detected_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_src_total_bytes" interval=60 N:30707 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_dst_total_bytes" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risky_count" interval=60 N:621 +PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-packet_flow_count" interval=60 N:629 +PUTVAL "localhost/exec-nDPIsrvd/gauge-init_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-reconnect_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-shutdown_count" interval=60 N:1 +PUTVAL "localhost/exec-nDPIsrvd/gauge-status_count" interval=60 N:404 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_safe_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_acceptable_count" interval=60 N:724 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_fun_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unsafe_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_potentially_dangerous_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_tracker_ads_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_dangerous_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unrated_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_breed_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_media_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_vpn_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_email_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_data_transfer_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_web_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_social_network_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_download_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_game_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_chat_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_voip_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_database_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_remote_access_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_cloud_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_network_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_collaborative_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_rpc_count" interval=60 N:724 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_streaming_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_system_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_software_update_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_music_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_video_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_shopping_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_productivity_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_file_sharing_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_mining_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_malware_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_advertisment_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_banned_site_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_site_unavail_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_allowed_site_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_antimalware_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_crypto_currency_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_category_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip4_count" interval=60 N:621 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_ip6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l3_other_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_tcp_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_udp_count" interval=60 N:621 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_icmp_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_l4_other_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_unknown_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_count_sum" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_0_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_1_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_2_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_3_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_4_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_5_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_7_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_8_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_9_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_10_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_11_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_12_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_13_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_14_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_15_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-error_16_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_1_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_2_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_3_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_4_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_5_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_6_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_7_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_8_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_9_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_10_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_11_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_12_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_13_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_14_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_15_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_16_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_17_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_18_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_19_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_20_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_21_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_22_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_23_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_24_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_25_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_26_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_27_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_28_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_29_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_30_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_31_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_32_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_33_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_34_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_35_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_36_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_37_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_38_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_39_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_40_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_41_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_42_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_43_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_44_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_45_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_46_count" interval=60 N:724 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ssdp-m-search-ua.pcap.out b/test/results/stats/default/ssdp-m-search-ua.pcap.out index 0115c13f7..b69d851ee 100644 --- a/test/results/stats/default/ssdp-m-search-ua.pcap.out +++ b/test/results/stats/default/ssdp-m-search-ua.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ssdp-m-search.pcap.out b/test/results/stats/default/ssdp-m-search.pcap.out index 878b7081a..a21ea2297 100644 --- a/test/results/stats/default/ssdp-m-search.pcap.out +++ b/test/results/stats/default/ssdp-m-search.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ssh.pcap.out b/test/results/stats/default/ssh.pcap.out index f2d149225..59f107fb8 100644 --- a/test/results/stats/default/ssh.pcap.out +++ b/test/results/stats/default/ssh.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ssl-cert-name-mismatch.pcap.out b/test/results/stats/default/ssl-cert-name-mismatch.pcap.out index e05772ca2..8fcfcdef3 100644 --- a/test/results/stats/default/ssl-cert-name-mismatch.pcap.out +++ b/test/results/stats/default/ssl-cert-name-mismatch.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/starcraft_battle.pcap.out b/test/results/stats/default/starcraft_battle.pcap.out index 2e1d8725f..5f3abc5ad 100644 --- a/test/results/stats/default/starcraft_battle.pcap.out +++ b/test/results/stats/default/starcraft_battle.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/steam.pcap.out b/test/results/stats/default/steam.pcap.out index 71aa8e926..4fe90b604 100644 --- a/test/results/stats/default/steam.pcap.out +++ b/test/results/stats/default/steam.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/steam_datagram_relay_ping.pcapng.out b/test/results/stats/default/steam_datagram_relay_ping.pcapng.out index 4e51898ad..cc4aabbea 100644 --- a/test/results/stats/default/steam_datagram_relay_ping.pcapng.out +++ b/test/results/stats/default/steam_datagram_relay_ping.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/stun.pcap.out b/test/results/stats/default/stun.pcap.out index f25e5fd89..c11dfbafe 100644 --- a/test/results/stats/default/stun.pcap.out +++ b/test/results/stats/default/stun.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/stun_classic.pcap.out b/test/results/stats/default/stun_classic.pcap.out index 3528c9f8b..677af56bd 100644 --- a/test/results/stats/default/stun_classic.pcap.out +++ b/test/results/stats/default/stun_classic.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/stun_google_meet.pcapng.out b/test/results/stats/default/stun_google_meet.pcapng.out index 70c00fc82..dfbb55135 100644 --- a/test/results/stats/default/stun_google_meet.pcapng.out +++ b/test/results/stats/default/stun_google_meet.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/stun_msteams_unidir.pcapng.out b/test/results/stats/default/stun_msteams_unidir.pcapng.out index 0600a7a8d..2075bddd3 100644 --- a/test/results/stats/default/stun_msteams_unidir.pcapng.out +++ b/test/results/stats/default/stun_msteams_unidir.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/stun_signal.pcapng.out b/test/results/stats/default/stun_signal.pcapng.out index 6c9eb214a..78c526fab 100644 --- a/test/results/stats/default/stun_signal.pcapng.out +++ b/test/results/stats/default/stun_signal.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/stun_wa_call.pcapng.out b/test/results/stats/default/stun_wa_call.pcapng.out index b5d8aa24c..4dbe6a955 100644 --- a/test/results/stats/default/stun_wa_call.pcapng.out +++ b/test/results/stats/default/stun_wa_call.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/syncthing.pcap.out b/test/results/stats/default/syncthing.pcap.out index 9401fe384..5dbf01555 100644 --- a/test/results/stats/default/syncthing.pcap.out +++ b/test/results/stats/default/syncthing.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/synscan.pcap.out b/test/results/stats/default/synscan.pcap.out index b2e652ff0..ab38b7718 100644 --- a/test/results/stats/default/synscan.pcap.out +++ b/test/results/stats/default/synscan.pcap.out @@ -1,14 +1,14 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:7996 -PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:6242526 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:6242702 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:1994 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:5 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:1989 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_update_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_analyse_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_guessed_count" interval=60 N:122 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_guessed_count" interval=60 N:124 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detected_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_detection_update_count" interval=60 N:0 -PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_not_detected_count" interval=60 N:1872 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_not_detected_count" interval=60 N:1870 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_src_total_bytes" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_dst_total_bytes" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risky_count" interval=60 N:0 @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/syslog.pcap.out b/test/results/stats/default/syslog.pcap.out index 477f5a66e..956654df3 100644 --- a/test/results/stats/default/syslog.pcap.out +++ b/test/results/stats/default/syslog.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tailscale.pcap.out b/test/results/stats/default/tailscale.pcap.out index e284d1954..88e778640 100644 --- a/test/results/stats/default/tailscale.pcap.out +++ b/test/results/stats/default/tailscale.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/targusdataspeed_false_positives.pcap.out b/test/results/stats/default/targusdataspeed_false_positives.pcap.out index 1c46462ac..6c0437104 100644 --- a/test/results/stats/default/targusdataspeed_false_positives.pcap.out +++ b/test/results/stats/default/targusdataspeed_false_positives.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tcp_scan.pcapng.out b/test/results/stats/default/tcp_scan.pcapng.out index bc26359f5..a5be0a71e 100644 --- a/test/results/stats/default/tcp_scan.pcapng.out +++ b/test/results/stats/default/tcp_scan.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/teams.pcap.out b/test/results/stats/default/teams.pcap.out index e2099712a..fca21d5bc 100644 --- a/test/results/stats/default/teams.pcap.out +++ b/test/results/stats/default/teams.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/teamspeak3.pcap.out b/test/results/stats/default/teamspeak3.pcap.out index 0b4415ea7..093bc187a 100644 --- a/test/results/stats/default/teamspeak3.pcap.out +++ b/test/results/stats/default/teamspeak3.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/teamviewer.pcap.out b/test/results/stats/default/teamviewer.pcap.out index a71148858..39c80c8ee 100644 --- a/test/results/stats/default/teamviewer.pcap.out +++ b/test/results/stats/default/teamviewer.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/telegram.pcap.out b/test/results/stats/default/telegram.pcap.out index 1ca6e5233..f90f682f8 100644 --- a/test/results/stats/default/telegram.pcap.out +++ b/test/results/stats/default/telegram.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:2 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/telnet.pcap.out b/test/results/stats/default/telnet.pcap.out index d4cbeafcc..d03855756 100644 --- a/test/results/stats/default/telnet.pcap.out +++ b/test/results/stats/default/telnet.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/teredo.pcap.out b/test/results/stats/default/teredo.pcap.out index 8e8deaf1e..1c174a674 100644 --- a/test/results/stats/default/teredo.pcap.out +++ b/test/results/stats/default/teredo.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tftp.pcap.out b/test/results/stats/default/tftp.pcap.out index 1f531ea3a..31b038579 100644 --- a/test/results/stats/default/tftp.pcap.out +++ b/test/results/stats/default/tftp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/threema.pcap.out b/test/results/stats/default/threema.pcap.out index 1f381d445..ba46cd5c6 100644 --- a/test/results/stats/default/threema.pcap.out +++ b/test/results/stats/default/threema.pcap.out @@ -1,5 +1,5 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-json_lines" interval=60 N:54 -PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:37111 +PUTVAL "localhost/exec-nDPIsrvd/gauge-json_bytes" interval=60 N:37365 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_new_count" interval=60 N:6 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_end_count" interval=60 N:4 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_idle_count" interval=60 N:2 @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/thrift.pcap.out b/test/results/stats/default/thrift.pcap.out index 09f8ba114..d3f44d244 100644 --- a/test/results/stats/default/thrift.pcap.out +++ b/test/results/stats/default/thrift.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tinc.pcap.out b/test/results/stats/default/tinc.pcap.out index b32c9e8d9..0524285da 100644 --- a/test/results/stats/default/tinc.pcap.out +++ b/test/results/stats/default/tinc.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tk.pcap.out b/test/results/stats/default/tk.pcap.out index c8ef1a2db..3dc1d2dab 100644 --- a/test/results/stats/default/tk.pcap.out +++ b/test/results/stats/default/tk.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls-appdata.pcap.out b/test/results/stats/default/tls-appdata.pcap.out index 6039af064..c59e789a8 100644 --- a/test/results/stats/default/tls-appdata.pcap.out +++ b/test/results/stats/default/tls-appdata.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls-esni-fuzzed.pcap.out b/test/results/stats/default/tls-esni-fuzzed.pcap.out index cbf8db369..84f280dbb 100644 --- a/test/results/stats/default/tls-esni-fuzzed.pcap.out +++ b/test/results/stats/default/tls-esni-fuzzed.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls-rdn-extract.pcap.out b/test/results/stats/default/tls-rdn-extract.pcap.out index 19d7979a2..1732cfa64 100644 --- a/test/results/stats/default/tls-rdn-extract.pcap.out +++ b/test/results/stats/default/tls-rdn-extract.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_2_reasms.pcapng.out b/test/results/stats/default/tls_2_reasms.pcapng.out index d781898bf..69b415a93 100644 --- a/test/results/stats/default/tls_2_reasms.pcapng.out +++ b/test/results/stats/default/tls_2_reasms.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_2_reasms_b.pcapng.out b/test/results/stats/default/tls_2_reasms_b.pcapng.out index 0c8197c53..9699d14e4 100644 --- a/test/results/stats/default/tls_2_reasms_b.pcapng.out +++ b/test/results/stats/default/tls_2_reasms_b.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_alert.pcap.out b/test/results/stats/default/tls_alert.pcap.out index 8d2acb0aa..65a078b39 100644 --- a/test/results/stats/default/tls_alert.pcap.out +++ b/test/results/stats/default/tls_alert.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_certificate_too_long.pcap.out b/test/results/stats/default/tls_certificate_too_long.pcap.out index 922e152ce..a377ceea5 100644 --- a/test/results/stats/default/tls_certificate_too_long.pcap.out +++ b/test/results/stats/default/tls_certificate_too_long.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_cipher_lens.pcap.out b/test/results/stats/default/tls_cipher_lens.pcap.out index 91c6001d5..8c617f7fc 100644 --- a/test/results/stats/default/tls_cipher_lens.pcap.out +++ b/test/results/stats/default/tls_cipher_lens.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_client_certificate_with_missing_server_one.pcapng.out b/test/results/stats/default/tls_client_certificate_with_missing_server_one.pcapng.out index fb3587182..a46e0e15f 100644 --- a/test/results/stats/default/tls_client_certificate_with_missing_server_one.pcapng.out +++ b/test/results/stats/default/tls_client_certificate_with_missing_server_one.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_ech.pcapng.out b/test/results/stats/default/tls_ech.pcapng.out index 29e20f118..fec0bdac1 100644 --- a/test/results/stats/default/tls_ech.pcapng.out +++ b/test/results/stats/default/tls_ech.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_esni_sni_both.pcap.out b/test/results/stats/default/tls_esni_sni_both.pcap.out index f62e3b812..b853d1115 100644 --- a/test/results/stats/default/tls_esni_sni_both.pcap.out +++ b/test/results/stats/default/tls_esni_sni_both.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_false_positives.pcapng.out b/test/results/stats/default/tls_false_positives.pcapng.out index 07d0fc952..3db9b9c06 100644 --- a/test/results/stats/default/tls_false_positives.pcapng.out +++ b/test/results/stats/default/tls_false_positives.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_invalid_reads.pcap.out b/test/results/stats/default/tls_invalid_reads.pcap.out index c93a08492..f9b36582f 100644 --- a/test/results/stats/default/tls_invalid_reads.pcap.out +++ b/test/results/stats/default/tls_invalid_reads.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_long_cert.pcap.out b/test/results/stats/default/tls_long_cert.pcap.out index 597a50488..e97db7409 100644 --- a/test/results/stats/default/tls_long_cert.pcap.out +++ b/test/results/stats/default/tls_long_cert.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_missing_ch_frag.pcap.out b/test/results/stats/default/tls_missing_ch_frag.pcap.out index 54316a64a..5e27ed367 100644 --- a/test/results/stats/default/tls_missing_ch_frag.pcap.out +++ b/test/results/stats/default/tls_missing_ch_frag.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_multiple_synack_different_seq.pcapng.out b/test/results/stats/default/tls_multiple_synack_different_seq.pcapng.out index c78ac525e..8d02663b9 100644 --- a/test/results/stats/default/tls_multiple_synack_different_seq.pcapng.out +++ b/test/results/stats/default/tls_multiple_synack_different_seq.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_port_80.pcapng.out b/test/results/stats/default/tls_port_80.pcapng.out index 7eb12385e..0f70d6242 100644 --- a/test/results/stats/default/tls_port_80.pcapng.out +++ b/test/results/stats/default/tls_port_80.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_torrent.pcapng.out b/test/results/stats/default/tls_torrent.pcapng.out index 439254277..1af497fc5 100644 --- a/test/results/stats/default/tls_torrent.pcapng.out +++ b/test/results/stats/default/tls_torrent.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_unidirectional.pcap.out b/test/results/stats/default/tls_unidirectional.pcap.out index 1211fc42f..57ce9d7ce 100644 --- a/test/results/stats/default/tls_unidirectional.pcap.out +++ b/test/results/stats/default/tls_unidirectional.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tls_verylong_certificate.pcap.out b/test/results/stats/default/tls_verylong_certificate.pcap.out index d4f5d9c44..c329116db 100644 --- a/test/results/stats/default/tls_verylong_certificate.pcap.out +++ b/test/results/stats/default/tls_verylong_certificate.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/toca-boca.pcap.out b/test/results/stats/default/toca-boca.pcap.out index db8e2f6bb..a83740555 100644 --- a/test/results/stats/default/toca-boca.pcap.out +++ b/test/results/stats/default/toca-boca.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tor.pcap.out b/test/results/stats/default/tor.pcap.out index 5b9b20c3c..490eb79c1 100644 --- a/test/results/stats/default/tor.pcap.out +++ b/test/results/stats/default/tor.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tplink_shp.pcap.out b/test/results/stats/default/tplink_shp.pcap.out index 94c563836..daba47042 100644 --- a/test/results/stats/default/tplink_shp.pcap.out +++ b/test/results/stats/default/tplink_shp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/trickbot.pcap.out b/test/results/stats/default/trickbot.pcap.out index a95fd2e24..2aa7eb667 100644 --- a/test/results/stats/default/trickbot.pcap.out +++ b/test/results/stats/default/trickbot.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tumblr.pcap.out b/test/results/stats/default/tumblr.pcap.out index d5db25849..beabbf1c5 100644 --- a/test/results/stats/default/tumblr.pcap.out +++ b/test/results/stats/default/tumblr.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tunnelbear.pcap.out b/test/results/stats/default/tunnelbear.pcap.out index 478e5976b..d5f0a1943 100644 --- a/test/results/stats/default/tunnelbear.pcap.out +++ b/test/results/stats/default/tunnelbear.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/tuya_lp.pcap.out b/test/results/stats/default/tuya_lp.pcap.out index db5884bcc..7850f3462 100644 --- a/test/results/stats/default/tuya_lp.pcap.out +++ b/test/results/stats/default/tuya_lp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ubntac2.pcap.out b/test/results/stats/default/ubntac2.pcap.out index 1fc97f1c5..77f313811 100644 --- a/test/results/stats/default/ubntac2.pcap.out +++ b/test/results/stats/default/ubntac2.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/ultrasurf.pcap.out b/test/results/stats/default/ultrasurf.pcap.out index bba79a52d..7af5090eb 100644 --- a/test/results/stats/default/ultrasurf.pcap.out +++ b/test/results/stats/default/ultrasurf.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/upnp.pcap.out b/test/results/stats/default/upnp.pcap.out index a9e6b2a41..952845be1 100644 --- a/test/results/stats/default/upnp.pcap.out +++ b/test/results/stats/default/upnp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/viber.pcap.out b/test/results/stats/default/viber.pcap.out index ac817662d..8d1de3ee1 100644 --- a/test/results/stats/default/viber.pcap.out +++ b/test/results/stats/default/viber.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/vk.pcapng.out b/test/results/stats/default/vk.pcapng.out index 078899dab..5ed3617c9 100644 --- a/test/results/stats/default/vk.pcapng.out +++ b/test/results/stats/default/vk.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/vnc.pcap.out b/test/results/stats/default/vnc.pcap.out index 0eb511a20..8c402f0ff 100644 --- a/test/results/stats/default/vnc.pcap.out +++ b/test/results/stats/default/vnc.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/vrrp3.pcapng.out b/test/results/stats/default/vrrp3.pcapng.out index d4fb77644..09e17a6bd 100644 --- a/test/results/stats/default/vrrp3.pcapng.out +++ b/test/results/stats/default/vrrp3.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/vxlan.pcap.out b/test/results/stats/default/vxlan.pcap.out index f9d97e386..9157d3584 100644 --- a/test/results/stats/default/vxlan.pcap.out +++ b/test/results/stats/default/vxlan.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/wa_video.pcap.out b/test/results/stats/default/wa_video.pcap.out index 9bf17e665..0c0c205c7 100644 --- a/test/results/stats/default/wa_video.pcap.out +++ b/test/results/stats/default/wa_video.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/wa_voice.pcap.out b/test/results/stats/default/wa_voice.pcap.out index 2207e52d6..2f36d52b6 100644 --- a/test/results/stats/default/wa_voice.pcap.out +++ b/test/results/stats/default/wa_voice.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/waze.pcap.out b/test/results/stats/default/waze.pcap.out index 5401e001b..81fb27833 100644 --- a/test/results/stats/default/waze.pcap.out +++ b/test/results/stats/default/waze.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/webex.pcap.out b/test/results/stats/default/webex.pcap.out index a555affa0..573346d38 100644 --- a/test/results/stats/default/webex.pcap.out +++ b/test/results/stats/default/webex.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/websocket.pcap.out b/test/results/stats/default/websocket.pcap.out index 431611dcd..d345b16ea 100644 --- a/test/results/stats/default/websocket.pcap.out +++ b/test/results/stats/default/websocket.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/wechat.pcap.out b/test/results/stats/default/wechat.pcap.out index 1d032426e..accaf6180 100644 --- a/test/results/stats/default/wechat.pcap.out +++ b/test/results/stats/default/wechat.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/weibo.pcap.out b/test/results/stats/default/weibo.pcap.out index 964430fbc..8dc9e2096 100644 --- a/test/results/stats/default/weibo.pcap.out +++ b/test/results/stats/default/weibo.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:1 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/whatsapp.pcap.out b/test/results/stats/default/whatsapp.pcap.out index 2454477c8..39ef46f26 100644 --- a/test/results/stats/default/whatsapp.pcap.out +++ b/test/results/stats/default/whatsapp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/whatsapp_login_call.pcap.out b/test/results/stats/default/whatsapp_login_call.pcap.out index cae86ea9d..fa9408980 100644 --- a/test/results/stats/default/whatsapp_login_call.pcap.out +++ b/test/results/stats/default/whatsapp_login_call.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/whatsapp_login_chat.pcap.out b/test/results/stats/default/whatsapp_login_chat.pcap.out index a52d3bf63..5c5f15f9e 100644 --- a/test/results/stats/default/whatsapp_login_chat.pcap.out +++ b/test/results/stats/default/whatsapp_login_chat.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/whatsapp_voice_and_message.pcap.out b/test/results/stats/default/whatsapp_voice_and_message.pcap.out index 1706f28bb..9f4eba5b4 100644 --- a/test/results/stats/default/whatsapp_voice_and_message.pcap.out +++ b/test/results/stats/default/whatsapp_voice_and_message.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/whatsappfiles.pcap.out b/test/results/stats/default/whatsappfiles.pcap.out index 0d10b25b3..ef7d6ee34 100644 --- a/test/results/stats/default/whatsappfiles.pcap.out +++ b/test/results/stats/default/whatsappfiles.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/whois.pcapng.out b/test/results/stats/default/whois.pcapng.out index 8410ca496..684f59a85 100644 --- a/test/results/stats/default/whois.pcapng.out +++ b/test/results/stats/default/whois.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/windowsupdate_over_http.pcap.out b/test/results/stats/default/windowsupdate_over_http.pcap.out index c200cf014..0612011af 100644 --- a/test/results/stats/default/windowsupdate_over_http.pcap.out +++ b/test/results/stats/default/windowsupdate_over_http.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/wireguard.pcap.out b/test/results/stats/default/wireguard.pcap.out index c9fcc1394..9d0c96d0c 100644 --- a/test/results/stats/default/wireguard.pcap.out +++ b/test/results/stats/default/wireguard.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/wow.pcap.out b/test/results/stats/default/wow.pcap.out index dc347b730..2675427f4 100644 --- a/test/results/stats/default/wow.pcap.out +++ b/test/results/stats/default/wow.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/xdmcp.pcap.out b/test/results/stats/default/xdmcp.pcap.out index 76fd2a92e..586afc0f0 100644 --- a/test/results/stats/default/xdmcp.pcap.out +++ b/test/results/stats/default/xdmcp.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/xiaomi.pcap.out b/test/results/stats/default/xiaomi.pcap.out index c1964df03..68c71be4f 100644 --- a/test/results/stats/default/xiaomi.pcap.out +++ b/test/results/stats/default/xiaomi.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/xss.pcap.out b/test/results/stats/default/xss.pcap.out index 67772a9cd..57781d25c 100644 --- a/test/results/stats/default/xss.pcap.out +++ b/test/results/stats/default/xss.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/yandex.pcapng.out b/test/results/stats/default/yandex.pcapng.out index 65f541f9f..7476e957a 100644 --- a/test/results/stats/default/yandex.pcapng.out +++ b/test/results/stats/default/yandex.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/youtube_quic.pcap.out b/test/results/stats/default/youtube_quic.pcap.out index cbde44501..6d03c8d19 100644 --- a/test/results/stats/default/youtube_quic.pcap.out +++ b/test/results/stats/default/youtube_quic.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/youtubeupload.pcap.out b/test/results/stats/default/youtubeupload.pcap.out index 4d1ea0842..6f20f04d5 100644 --- a/test/results/stats/default/youtubeupload.pcap.out +++ b/test/results/stats/default/youtubeupload.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/z3950.pcapng.out b/test/results/stats/default/z3950.pcapng.out index 1d70d64e0..1a53c9014 100644 --- a/test/results/stats/default/z3950.pcapng.out +++ b/test/results/stats/default/z3950.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/zabbix.pcap.out b/test/results/stats/default/zabbix.pcap.out index 9d92b8b57..d68179075 100644 --- a/test/results/stats/default/zabbix.pcap.out +++ b/test/results/stats/default/zabbix.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/zattoo.pcap.out b/test/results/stats/default/zattoo.pcap.out index f0d4a9247..7b56ffedf 100644 --- a/test/results/stats/default/zattoo.pcap.out +++ b/test/results/stats/default/zattoo.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/zcash.pcap.out b/test/results/stats/default/zcash.pcap.out index ef508ba5e..2ba42a0a3 100644 --- a/test/results/stats/default/zcash.pcap.out +++ b/test/results/stats/default/zcash.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/zoom.pcap.out b/test/results/stats/default/zoom.pcap.out index 77df787aa..486740c70 100644 --- a/test/results/stats/default/zoom.pcap.out +++ b/test/results/stats/default/zoom.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/zoom2.pcap.out b/test/results/stats/default/zoom2.pcap.out index e5a75458a..17b4ce458 100644 --- a/test/results/stats/default/zoom2.pcap.out +++ b/test/results/stats/default/zoom2.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/default/zoom_p2p.pcapng.out b/test/results/stats/default/zoom_p2p.pcapng.out index 44362a36c..459bb5a63 100644 --- a/test/results/stats/default/zoom_p2p.pcapng.out +++ b/test/results/stats/default/zoom_p2p.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/disable_aggressiveness/ookla.pcap.out b/test/results/stats/disable_aggressiveness/ookla.pcap.out index 11cb38cac..1753cc258 100644 --- a/test/results/stats/disable_aggressiveness/ookla.pcap.out +++ b/test/results/stats/disable_aggressiveness/ookla.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/disable_protocols/dns_long_domainname.pcap.out b/test/results/stats/disable_protocols/dns_long_domainname.pcap.out index 07bc007b2..ba99c27e3 100644 --- a/test/results/stats/disable_protocols/dns_long_domainname.pcap.out +++ b/test/results/stats/disable_protocols/dns_long_domainname.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/disable_protocols/pluralsight.pcap.out b/test/results/stats/disable_protocols/pluralsight.pcap.out index 06dedb1f8..f787a6da4 100644 --- a/test/results/stats/disable_protocols/pluralsight.pcap.out +++ b/test/results/stats/disable_protocols/pluralsight.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/disable_protocols/quic-mvfst-27.pcapng.out b/test/results/stats/disable_protocols/quic-mvfst-27.pcapng.out index 4b5df3536..7603a6694 100644 --- a/test/results/stats/disable_protocols/quic-mvfst-27.pcapng.out +++ b/test/results/stats/disable_protocols/quic-mvfst-27.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/disable_protocols/soap.pcap.out b/test/results/stats/disable_protocols/soap.pcap.out index b12ced53b..738b1f243 100644 --- a/test/results/stats/disable_protocols/soap.pcap.out +++ b/test/results/stats/disable_protocols/soap.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/disable_stun_monitoring/lru_ipv6_caches.pcapng.out b/test/results/stats/disable_stun_monitoring/lru_ipv6_caches.pcapng.out index 1129fe68a..5d2b4f206 100644 --- a/test/results/stats/disable_stun_monitoring/lru_ipv6_caches.pcapng.out +++ b/test/results/stats/disable_stun_monitoring/lru_ipv6_caches.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/enable_doh_heuristic/doh.pcapng.out b/test/results/stats/enable_doh_heuristic/doh.pcapng.out index d216e60c4..b022f6aa9 100644 --- a/test/results/stats/enable_doh_heuristic/doh.pcapng.out +++ b/test/results/stats/enable_doh_heuristic/doh.pcapng.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/enable_payload_stat/1kxun.pcap.out b/test/results/stats/enable_payload_stat/1kxun.pcap.out index 4603aa622..e8c81739f 100644 --- a/test/results/stats/enable_payload_stat/1kxun.pcap.out +++ b/test/results/stats/enable_payload_stat/1kxun.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 diff --git a/test/results/stats/enable_stun_monitoring_with_subproto/wa_voice.pcap.out b/test/results/stats/enable_stun_monitoring_with_subproto/wa_voice.pcap.out index c7c5a0a6d..2f23c62f6 100644 --- a/test/results/stats/enable_stun_monitoring_with_subproto/wa_voice.pcap.out +++ b/test/results/stats/enable_stun_monitoring_with_subproto/wa_voice.pcap.out @@ -137,3 +137,4 @@ PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_47_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_48_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_49_count" interval=60 N:0 PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_50_count" interval=60 N:0 +PUTVAL "localhost/exec-nDPIsrvd/gauge-flow_risk_51_count" interval=60 N:0 |