aboutsummaryrefslogtreecommitdiff
path: root/test/results/default/kerberos.pcap.out
diff options
context:
space:
mode:
authorToni Uhlig <matzeton@googlemail.com>2024-06-19 14:25:42 +0200
committerToni Uhlig <matzeton@googlemail.com>2024-06-19 14:25:42 +0200
commit930aaf92760ea8e350c65af3b71ee34cd3581fa9 (patch)
treecaa45384532a92d23ba5df6e966ad6626353c967 /test/results/default/kerberos.pcap.out
parent165b18c82933bfbab41673804811df518c092d50 (diff)
Added global (heap) memory stats for daemon status events.
* added new CMake option `ENABLE_MEMORY_STATUS` to restore the old behavior (and increase performance) * splitted `ENABLE_MEMORY_PROFILING` into `ENABLE_MEMORY_STATUS` and `ENABLE_MEMORY_PROFILING` Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/default/kerberos.pcap.out')
-rw-r--r--test/results/default/kerberos.pcap.out4
1 files changed, 2 insertions, 2 deletions
diff --git a/test/results/default/kerberos.pcap.out b/test/results/default/kerberos.pcap.out
index 61c1e0d5d..3fade40ba 100644
--- a/test/results/default/kerberos.pcap.out
+++ b/test/results/default/kerberos.pcap.out
@@ -1,5 +1,5 @@
00563{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/kerberos.pcap","alias":"nDPId-test","version":"1.6.0","ndpi_version":"4.9.0-4628-142c8f5","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
-00626{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/kerberos.pcap","alias":"nDPId-test","version":"1.6.0","ndpi_version":"4.9.0-4628-142c8f5","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_usec":1549337929790448}
+00716{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/kerberos.pcap","alias":"nDPId-test","version":"1.6.0","ndpi_version":"4.9.0-4628-142c8f5","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1549337929790448}
00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/kerberos.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1549337929790448,"flow_src_last_pkt_time":1549337929790448,"flow_dst_last_pkt_time":1549337929790448,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":239,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":239,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":239,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1549337929790448,"l3_proto":"ip4","src_ip":"172.16.8.201","dst_ip":"172.16.8.8","src_port":49157,"dst_port":88,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00850{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/kerberos.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1549337929790448,"flow_dst_last_pkt_time":1549337929790448,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":293,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":293,"pkt_l4_len":259,"thread_ts_usec":1549337929790448,"pkt":"pB9ywglqAAgCHEeuCABFAAEXABdAAIAGkNisEAjJrBAICMAFAFiynbRHbznTnlAYAQAf5QAAAAAA62qB6DCB5aEDAgEFogMCAQqjFTATMBGhBAICAICiCQQHMAWgAwEB\/6SBwTCBvqAHAwUAQIEAEKEYMBagAwIBAaEPMA0bC2pvaG5zb24tcGMkohAbDmhhcHB5Y3JhZnQub3JnoyMwIaADAgECoRowGBsGa3JidGd0Gw5oYXBweWNyYWZ0Lm9yZ6URGA8yMDM3MDkxMzAyNDgwNVqmERgPMjAzNzA5MTMwMjQ4MDVapwYCBE7AFheoFTATAgESAgERAgEXAgEYAgL\/eQIBA6kdMBswGaADAgEUoRIEEEpPSE5TT04tUEMgICAgICA="}
01008{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/kerberos.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1549337929790448,"flow_src_last_pkt_time":1549337929790448,"flow_dst_last_pkt_time":1549337929790448,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":239,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":239,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":239,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1549337929790448,"l3_proto":"ip4","src_ip":"172.16.8.201","dst_ip":"172.16.8.8","src_port":49157,"dst_port":88,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"Kerberos","proto_id":"111","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","kerberos": {"hostname":"johnson-pc","domain":"happycraft.org","username":""}}}
@@ -187,7 +187,7 @@
00784{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":77,"source":"cfgs\/default\/pcap\/kerberos.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1549337931220307,"flow_src_last_pkt_time":1549337931220307,"flow_dst_last_pkt_time":1549337931221192,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":227,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":227,"flow_dst_max_l4_payload_len":260,"flow_src_tot_l4_payload_len":227,"flow_dst_tot_l4_payload_len":260,"midstream":1,"thread_ts_usec":1549337952283232,"l3_proto":"ip4","src_ip":"172.16.8.201","dst_ip":"172.16.8.8","src_port":49174,"dst_port":445,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
01060{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":77,"source":"cfgs\/default\/pcap\/kerberos.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1549337952282970,"flow_src_last_pkt_time":1549337952282970,"flow_dst_last_pkt_time":1549337952283232,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":356,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":356,"flow_dst_max_l4_payload_len":260,"flow_src_tot_l4_payload_len":356,"flow_dst_tot_l4_payload_len":260,"midstream":1,"thread_ts_usec":1549337952283232,"l3_proto":"ip4","src_ip":"172.16.8.201","dst_ip":"172.16.8.8","src_port":49194,"dst_port":445,"l4_proto":"tcp","ndpi": {"flow_risk": {"35": {"risk":"Susp Entropy","severity":"Medium","risk_score": {"total":210,"client":165,"server":45}}},"confidence": {"1":"Match by port"},"proto":"SMBv23","proto_id":"41","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}}
00784{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":77,"source":"cfgs\/default\/pcap\/kerberos.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1549337952282970,"flow_src_last_pkt_time":1549337952282970,"flow_dst_last_pkt_time":1549337952283232,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":356,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":356,"flow_dst_max_l4_payload_len":260,"flow_src_tot_l4_payload_len":356,"flow_dst_tot_l4_payload_len":260,"midstream":1,"thread_ts_usec":1549337952283232,"l3_proto":"ip4","src_ip":"172.16.8.201","dst_ip":"172.16.8.8","src_port":49194,"dst_port":445,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
-00641{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":77,"source":"cfgs\/default\/pcap\/kerberos.pcap","alias":"nDPId-test","version":"1.6.0","ndpi_version":"4.9.0-4628-142c8f5","packets-captured":77,"packets-processed":77,"total-skipped-flows":0,"total-l4-payload-len":24133,"total-not-detected-flows":2,"total-guessed-flows":23,"total-detected-flows":11,"total-detection-updates":3,"total-updates":0,"current-active-flows":0,"total-active-flows":36,"total-idle-flows":36,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":190,"global_ts_usec":1549337952283232}
+00731{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":77,"source":"cfgs\/default\/pcap\/kerberos.pcap","alias":"nDPId-test","version":"1.6.0","ndpi_version":"4.9.0-4628-142c8f5","packets-captured":77,"packets-processed":77,"total-skipped-flows":0,"total-l4-payload-len":24133,"total-not-detected-flows":2,"total-guessed-flows":23,"total-detected-flows":11,"total-detection-updates":3,"total-updates":0,"current-active-flows":0,"total-active-flows":36,"total-idle-flows":36,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":190,"global_ts_usec":1549337952283232}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 77/77
~~ skipped flows.............: 0
Powered by cgit, Themed by Ted Yin.