author | Toni Uhlig <matzeton@googlemail.com> | 2022-09-22 19:07:08 +0200 |
---|---|---|
committer | Toni Uhlig <matzeton@googlemail.com> | 2022-09-22 19:07:08 +0200 |
commit | 9a28475bba88b711b7075b58473b7e5b5df1f393 (patch) | |
tree | 73cdf56320f14b5fe0fbfb2e930cf7ea025f9117 /schema | |
parent | 28971cd7647a79253000fb33e52b5d2129e5ba62 (diff) |
Improved flow analyse event:
* store packet directions
* merged direction based IATs
* merged direction based PKTLENs
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'schema')
-rw-r--r-- | schema/flow_event_schema.json | 64 |
1 files changed, 29 insertions, 35 deletions
diff --git a/schema/flow_event_schema.json b/schema/flow_event_schema.json
index 01060c016..87ba541b9 100644
--- a/schema/flow_event_schema.json
+++ b/schema/flow_event_schema.json
@@ -344,48 +344,36 @@
 },
 "data_analysis": {
 "type": "object",
- "required": [ "iat", "pktlen", "bins" ],
+ "required": [ "iat", "pktlen", "bins", "directions" ],
 "properties": {
 "iat": {
 "type": "object",
 "properties": {
- "flow_min": {
+ "min": {
 "type": "number"
 },
- "flow_avg": {
+ "avg": {
 "type": "number"
 },
- "flow_max": {
+ "max": {
 "type": "number"
 },
- "flow_stddev": {
+ "stddev": {
 "type": "number"
 },
- "c_to_s_min": {
+ "var": {
 "type": "number"
 },
- "c_to_s_avg": {
+ "ent": {
 "type": "number"
 },
- "c_to_s_max": {
- "type": "number"
- },
- "c_to_s_stddev": {
- "type": "number"
- },
- "s_to_c_min": {
- "type": "number"
- },
- "s_to_c_avg": {
- "type": "number"
- },
- "s_to_c_max": {
- "type": "number"
- },
- "s_to_c_stddev": {
- "type": "number"
+ "data": {
+ "type": "array",
+ "items": {
+ "type": "number"
+ }
 }
 },
 "additionalProperties": false
@@ -394,29 +382,29 @@
 "type": "object",
 "properties": {
- "c_to_s_min": {
+ "min": {
 "type": "number"
 },
- "c_to_s_avg": {
+ "avg": {
 "type": "number"
 },
- "c_to_s_max": {
+ "max": {
 "type": "number"
 },
- "c_to_s_stddev": {
+ "stddev": {
 "type": "number"
 },
- "s_to_c_min": {
+ "var": {
 "type": "number"
 },
- "s_to_c_avg": {
+ "ent": {
 "type": "number"
 },
- "s_to_c_max": {
- "type": "number"
- },
- "s_to_c_stddev": {
- "type": "number"
+ "data": {
+ "type": "array",
+ "items": {
+ "type": "number"
+ }
 }
 },
 "additionalProperties": false
@@ -439,6 +427,12 @@
 }
 },
 "additionalProperties": false
+ },
+ "directions": {
+ "type": "array",
+ "items": {
+ "type": "number"
+ }
 }
 },
 "additionalProperties": false |
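Review bot: The `data` array added under `iat` (and the identical one under `pktlen` in the following hunk) is unbounded: it is declared as `"items": { "type": "number" }` with no `maxItems`, so an event carrying an arbitrarily long sample list still validates. If consumers rely on this schema to gate events before processing them, mirror whatever cap the producer applies to analysed packets, e.g. `"maxItems": <producer packet limit>` (placeholder; the real limit is not visible in this diff). Neither object gains a `required` list either, so `"iat": {}` passes validation; if all seven keys are always emitted, add `"required": [ "min", "avg", "max", "stddev", "var", "ent", "data" ]` to both objects.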
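Review bot: The `directions` items in the last hunk are declared as `number`, which also admits fractions, negatives and arbitrarily large values. The encoding is not visible here, but if each entry is a per-packet direction flag, `"type": "integer"` with a `"minimum"`/`"maximum"` pair (or an `enum`) would reject malformed events at validation time. The array has no `maxItems` either, and JSON Schema cannot tie its length to `iat.data` and `pktlen.data`, so a `"description"` stating the expected relationship would tell any consumer that indexes these arrays in parallel to check the lengths itself. Because `additionalProperties` is `false` and the statistic keys were renamed, events from a producer built before this commit will fail validation against this schema, so producer and validators need to be updated together.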