diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2025-03-05 19:00:23 +0100 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2025-03-06 19:00:23 +0100 |
| commit | ae95c95617d3716abcfbcc93742f6652e44d151c (patch) | |
| tree | fb07186390ebc402a34aa212986ee4a0d0e44ea1 /test/results/default/srvloc.pcap.out | |
| parent | 42c54d3755a84dfaf741157fe83c94b0b15fb296 (diff) | |
* fix API issue with a changed function signature
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/default/srvloc.pcap.out')
| -rw-r--r-- | test/results/default/srvloc.pcap.out | 818 |
1 files changed, 409 insertions, 409 deletions
diff --git a/test/results/default/srvloc.pcap.out b/test/results/default/srvloc.pcap.out index c45ae2f64..59ef92701 100644 --- a/test/results/default/srvloc.pcap.out +++ b/test/results/default/srvloc.pcap.out @@ -1,9 +1,9 @@ -00611{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"max-flows-per-thread":32768,"max-idle-flows-per-thread":1024,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0} -00832{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1685617825174445} +00611{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"max-flows-per-thread":32768,"max-idle-flows-per-thread":1024,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0} +00832{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1685617825174445} 00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685617825174445,"flow_src_last_pkt_time":1685617825174445,"flow_dst_last_pkt_time":1685617825174445,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685617825174445,"l3_proto":"ip4","src_ip":"37.40.101.196","dst_ip":"85.111.52.57","src_port":53106,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1685617825174445,"flow_dst_last_pkt_time":1685617825174445,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685617825174445,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRbbAlKGXEVW80Oc9yAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00941{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685617825174445,"flow_src_last_pkt_time":1685617825174445,"flow_dst_last_pkt_time":1685617825174445,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685617825174445,"l3_proto":"ip4","src_ip":"37.40.101.196","dst_ip":"85.111.52.57","src_port":53106,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00833{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":2,"packets-processed":1,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":6,"global_ts_usec":1685630200886590} +00833{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":2,"packets-processed":1,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":6,"global_ts_usec":1685630200886590} 00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630200886590,"flow_src_last_pkt_time":1685630200886590,"flow_dst_last_pkt_time":1685630200886590,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685630200886590,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.141.37.56","src_port":45163,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00570{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1685630200886590,"flow_dst_last_pkt_time":1685630200886590,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685630200886590,"pkt":"3jHC4dyOPJTVQTiBCABFCABL5ywAACQR3TcbhqncWo0lOLBrAasAN20TAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00942{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630200886590,"flow_src_last_pkt_time":1685630200886590,"flow_dst_last_pkt_time":1685630200886590,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685630200886590,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.141.37.56","src_port":45163,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -12,7 +12,7 @@ 00653{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1685630282860970,"flow_dst_last_pkt_time":1685630282860970,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":149,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":149,"pkt_l4_len":115,"thread_ts_usec":1685630282860970,"pkt":"xmjqc4OdPJTVQTiBCABFCACH1DEAAOsRrCYsY3GWunDKNZ6vAasAcwAAAgIAAGtAAAAAAIgRAAJlbgAAAAMAEREAHmh0dHBzOi8vZXhhbXBsZS5jb20vaW5kZXguaHRtbAAAEREAGHNjaGVtZTovL2RvbWFpbi50bGQvcGF0aAAAEREAD3NscDovL2hvc3QvcGF0aAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630282860970,"flow_src_last_pkt_time":1685630282860970,"flow_dst_last_pkt_time":1685630282860970,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":107,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":107,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":107,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685630282860970,"l3_proto":"ip4","src_ip":"44.99.113.150","dst_ip":"186.112.202.53","src_port":40623,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630200886590,"flow_src_last_pkt_time":1685630200886590,"flow_dst_last_pkt_time":1685630200886590,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685630282860970,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.141.37.56","src_port":45163,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00835{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":4,"packets-processed":3,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":183,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":3,"total-detection-updates":0,"total-updates":1,"current-active-flows":2,"total-active-flows":3,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":15,"global_ts_usec":1685630932313616} +00835{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":4,"packets-processed":3,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":183,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":3,"total-detection-updates":0,"total-updates":1,"current-active-flows":2,"total-active-flows":3,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":15,"global_ts_usec":1685630932313616} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630932313616,"flow_src_last_pkt_time":1685630932313616,"flow_dst_last_pkt_time":1685630932313616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":111,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":111,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":111,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685630932313616,"l3_proto":"ip4","src_ip":"44.99.113.150","dst_ip":"90.145.180.58","src_port":34697,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00657{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":1685630932313616,"flow_dst_last_pkt_time":1685630932313616,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":153,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":153,"pkt_l4_len":119,"thread_ts_usec":1685630932313616,"pkt":"bs1PogZtPJTVQTiBCABFCACL1DEAAOsRrCEsY3GWWpG0OoeJAasAdwAAAgIAAG9AAAAAAIgRAAJlbgAAAAIAEREAHmh0dHBzOi8vZXhhbXBsZS5jb20vaW5kZXguaHRtbAIAAAANAAAAAAADQUFBAAAAEQAAAAAAB0JCQkJCQkIAIiIAE3NscDovL3Rlc3Qub3JnL3Rlc3QA"} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630932313616,"flow_src_last_pkt_time":1685630932313616,"flow_dst_last_pkt_time":1685630932313616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":111,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":111,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":111,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685630932313616,"l3_proto":"ip4","src_ip":"44.99.113.150","dst_ip":"90.145.180.58","src_port":34697,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -22,13 +22,13 @@ 00641{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_src_last_pkt_time":1685631007788963,"flow_dst_last_pkt_time":1685631007788963,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685631007788963,"pkt":"3jHC4dyOPJTVQTiBCABFAAB+1DEAAPMRpSXQZLGIWo0lOIHeAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00943{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685631007788963,"flow_src_last_pkt_time":1685631007788963,"flow_dst_last_pkt_time":1685631007788963,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685631007788963,"l3_proto":"ip4","src_ip":"208.100.177.136","dst_ip":"90.141.37.56","src_port":33246,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630932313616,"flow_src_last_pkt_time":1685630932313616,"flow_dst_last_pkt_time":1685630932313616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":111,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":111,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":111,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685631007788963,"l3_proto":"ip4","src_ip":"44.99.113.150","dst_ip":"90.145.180.58","src_port":34697,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00835{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":6,"packets-processed":5,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":392,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":5,"total-detection-updates":0,"total-updates":2,"current-active-flows":2,"total-active-flows":5,"total-idle-flows":3,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":25,"global_ts_usec":1685632512691057} +00835{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":6,"packets-processed":5,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":392,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":5,"total-detection-updates":0,"total-updates":2,"current-active-flows":2,"total-active-flows":5,"total-idle-flows":3,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":25,"global_ts_usec":1685632512691057} 00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685632512691057,"flow_src_last_pkt_time":1685632512691057,"flow_dst_last_pkt_time":1685632512691057,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685632512691057,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"85.111.52.57","src_port":33510,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00642{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_src_last_pkt_time":1685632512691057,"flow_dst_last_pkt_time":1685632512691057,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685632512691057,"pkt":"moT+\/Ph8PJTVQTiBCABFAAB+1DEAAPMRpTItfJOcVW80OYLmAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00942{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685632512691057,"flow_src_last_pkt_time":1685632512691057,"flow_dst_last_pkt_time":1685632512691057,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685632512691057,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"85.111.52.57","src_port":33510,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00982{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685631007788963,"flow_src_last_pkt_time":1685631007788963,"flow_dst_last_pkt_time":1685631007788963,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685632512691057,"l3_proto":"ip4","src_ip":"208.100.177.136","dst_ip":"90.141.37.56","src_port":33246,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685630932313616,"flow_src_last_pkt_time":1685630932313616,"flow_dst_last_pkt_time":1685630932313616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":111,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":111,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":111,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685632512691057,"l3_proto":"ip4","src_ip":"44.99.113.150","dst_ip":"90.145.180.58","src_port":34697,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00835{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":7,"packets-processed":6,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":490,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":6,"total-detection-updates":0,"total-updates":2,"current-active-flows":1,"total-active-flows":6,"total-idle-flows":5,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":31,"global_ts_usec":1685634172336790} +00835{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":7,"packets-processed":6,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":490,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":6,"total-detection-updates":0,"total-updates":2,"current-active-flows":1,"total-active-flows":6,"total-idle-flows":5,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":31,"global_ts_usec":1685634172336790} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685634172336790,"flow_src_last_pkt_time":1685634172336790,"flow_dst_last_pkt_time":1685634172336790,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685634172336790,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"165.114.202.61","src_port":50663,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00641{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":1,"flow_src_last_pkt_time":1685634172336790,"flow_dst_last_pkt_time":1685634172336790,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685634172336790,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpS0tfJOcpXLKPcXnAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685634172336790,"flow_src_last_pkt_time":1685634172336790,"flow_dst_last_pkt_time":1685634172336790,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685634172336790,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"165.114.202.61","src_port":50663,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -42,22 +42,22 @@ 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685634721622135,"flow_src_last_pkt_time":1685634721622135,"flow_dst_last_pkt_time":1685634721622135,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685634721622135,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"90.147.171.51","src_port":43154,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685634172336790,"flow_src_last_pkt_time":1685634172336790,"flow_dst_last_pkt_time":1685634172336790,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685634721622135,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"165.114.202.61","src_port":41268,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1685634172336790,"flow_src_last_pkt_time":1685634172336790,"flow_dst_last_pkt_time":1685634172336790,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":196,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685634721622135,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"165.114.202.61","src_port":50663,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00838{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":11,"packets-processed":10,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":882,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":9,"total-detection-updates":0,"total-updates":2,"current-active-flows":1,"total-active-flows":9,"total-idle-flows":8,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":45,"global_ts_usec":1685636053299196} +00838{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":11,"packets-processed":10,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":882,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":9,"total-detection-updates":0,"total-updates":2,"current-active-flows":1,"total-active-flows":9,"total-idle-flows":8,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":45,"global_ts_usec":1685636053299196} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685636053299196,"flow_src_last_pkt_time":1685636053299196,"flow_dst_last_pkt_time":1685636053299196,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685636053299196,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"74.111.203.55","src_port":57141,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00644{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":10,"flow_packet_id":1,"flow_src_last_pkt_time":1685636053299196,"flow_dst_last_pkt_time":1685636053299196,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685636053299196,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAPMRpTctfJOcSm\/LN981AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685636053299196,"flow_src_last_pkt_time":1685636053299196,"flow_dst_last_pkt_time":1685636053299196,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685636053299196,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"74.111.203.55","src_port":57141,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685634721622135,"flow_src_last_pkt_time":1685634721622135,"flow_dst_last_pkt_time":1685634721622135,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685636053299196,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"90.147.171.51","src_port":43154,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00840{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":12,"packets-processed":11,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":980,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":10,"total-detection-updates":0,"total-updates":2,"current-active-flows":1,"total-active-flows":10,"total-idle-flows":9,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":50,"global_ts_usec":1685637797751103} +00840{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":12,"packets-processed":11,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":980,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":10,"total-detection-updates":0,"total-updates":2,"current-active-flows":1,"total-active-flows":10,"total-idle-flows":9,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":50,"global_ts_usec":1685637797751103} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685637797751103,"flow_src_last_pkt_time":1685637797751103,"flow_dst_last_pkt_time":1685637797751103,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685637797751103,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"165.144.84.62","src_port":38061,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":11,"flow_packet_id":1,"flow_src_last_pkt_time":1685637797751103,"flow_dst_last_pkt_time":1685637797751103,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685637797751103,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPARDMi4tKjwpZBUPpStAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685637797751103,"flow_src_last_pkt_time":1685637797751103,"flow_dst_last_pkt_time":1685637797751103,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685637797751103,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"165.144.84.62","src_port":38061,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685636053299196,"flow_src_last_pkt_time":1685636053299196,"flow_dst_last_pkt_time":1685636053299196,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685637797751103,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"74.111.203.55","src_port":57141,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00842{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":13,"packets-processed":12,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1078,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":11,"total-detection-updates":0,"total-updates":2,"current-active-flows":1,"total-active-flows":11,"total-idle-flows":10,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":55,"global_ts_usec":1685638455443887} +00842{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":13,"packets-processed":12,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1078,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":11,"total-detection-updates":0,"total-updates":2,"current-active-flows":1,"total-active-flows":11,"total-idle-flows":10,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":55,"global_ts_usec":1685638455443887} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685638455443887,"flow_src_last_pkt_time":1685638455443887,"flow_dst_last_pkt_time":1685638455443887,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685638455443887,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"69.109.187.54","src_port":38756,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":12,"flow_packet_id":1,"flow_src_last_pkt_time":1685638455443887,"flow_dst_last_pkt_time":1685638455443887,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685638455443887,"pkt":"bpHurUgdPJTVQTiBCABFAAB+1DEAAPMRpTXsg6KdRW27NpdkAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685638455443887,"flow_src_last_pkt_time":1685638455443887,"flow_dst_last_pkt_time":1685638455443887,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685638455443887,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"69.109.187.54","src_port":38756,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685637797751103,"flow_src_last_pkt_time":1685637797751103,"flow_dst_last_pkt_time":1685637797751103,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685638455443887,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"165.144.84.62","src_port":38061,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00842{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":14,"packets-processed":13,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1176,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":12,"total-detection-updates":0,"total-updates":2,"current-active-flows":1,"total-active-flows":12,"total-idle-flows":11,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":60,"global_ts_usec":1685644247091385} +00842{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":14,"packets-processed":13,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1176,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":12,"total-detection-updates":0,"total-updates":2,"current-active-flows":1,"total-active-flows":12,"total-idle-flows":11,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":60,"global_ts_usec":1685644247091385} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685644247091385,"flow_src_last_pkt_time":1685644247091385,"flow_dst_last_pkt_time":1685644247091385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685644247091385,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":39908,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":13,"flow_packet_id":1,"flow_src_last_pkt_time":1685644247091385,"flow_dst_last_pkt_time":1685644247091385,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685644247091385,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPURKLbIH5CeVW80OZvkAasAJU6QAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685644247091385,"flow_src_last_pkt_time":1685644247091385,"flow_dst_last_pkt_time":1685644247091385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685644247091385,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":39908,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -70,13 +70,13 @@ 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":16,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":15,"flow_packet_id":1,"flow_src_last_pkt_time":1685644782769825,"flow_dst_last_pkt_time":1685644782769825,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685644782769825,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPURKLnIH5CeunDKNZLgAasAJVeXAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":16,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685644782769825,"flow_src_last_pkt_time":1685644782769825,"flow_dst_last_pkt_time":1685644782769825,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685644782769825,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":37600,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685644675913837,"flow_src_last_pkt_time":1685644675913837,"flow_dst_last_pkt_time":1685644675913837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685644782769825,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":40656,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00842{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":17,"packets-processed":16,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1263,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":15,"total-detection-updates":0,"total-updates":3,"current-active-flows":2,"total-active-flows":15,"total-idle-flows":13,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":73,"global_ts_usec":1685646379667471} +00842{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":17,"packets-processed":16,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1263,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":15,"total-detection-updates":0,"total-updates":3,"current-active-flows":2,"total-active-flows":15,"total-idle-flows":13,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":73,"global_ts_usec":1685646379667471} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685646379667471,"flow_src_last_pkt_time":1685646379667471,"flow_dst_last_pkt_time":1685646379667471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685646379667471,"l3_proto":"ip4","src_ip":"70.28.101.252","dst_ip":"90.147.171.51","src_port":53651,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":16,"flow_packet_id":1,"flow_src_last_pkt_time":1685646379667471,"flow_dst_last_pkt_time":1685646379667471,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685646379667471,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbNVGHGX8WpOrM9GTAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":17,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685646379667471,"flow_src_last_pkt_time":1685646379667471,"flow_dst_last_pkt_time":1685646379667471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685646379667471,"l3_proto":"ip4","src_ip":"70.28.101.252","dst_ip":"90.147.171.51","src_port":53651,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":18,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685644782769825,"flow_src_last_pkt_time":1685644782769825,"flow_dst_last_pkt_time":1685644782769825,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685646379667471,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":37600,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":18,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685644675913837,"flow_src_last_pkt_time":1685644675913837,"flow_dst_last_pkt_time":1685644675913837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685646379667471,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":40656,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00842{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":18,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":18,"packets-processed":17,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1292,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":16,"total-detection-updates":0,"total-updates":3,"current-active-flows":1,"total-active-flows":16,"total-idle-flows":15,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":79,"global_ts_usec":1685647342398373} +00842{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":18,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":18,"packets-processed":17,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1292,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":16,"total-detection-updates":0,"total-updates":3,"current-active-flows":1,"total-active-flows":16,"total-idle-flows":15,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":79,"global_ts_usec":1685647342398373} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":18,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647342398373,"flow_src_last_pkt_time":1685647342398373,"flow_dst_last_pkt_time":1685647342398373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685647342398373,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":38913,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":18,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":17,"flow_packet_id":1,"flow_src_last_pkt_time":1685647342398373,"flow_dst_last_pkt_time":1685647342398373,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685647342398373,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPURKLvIH5CeSm\/LN5gBAasAJVJ4AgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":18,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647342398373,"flow_src_last_pkt_time":1685647342398373,"flow_dst_last_pkt_time":1685647342398373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685647342398373,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":38913,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -85,7 +85,7 @@ 00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":19,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":18,"flow_packet_id":1,"flow_src_last_pkt_time":1685647407833070,"flow_dst_last_pkt_time":1685647407833070,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685647407833070,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLzIH5CeWm\/UMoKtAasAJWfNAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":19,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647407833070,"flow_src_last_pkt_time":1685647407833070,"flow_dst_last_pkt_time":1685647407833070,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685647407833070,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":33453,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":20,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647342398373,"flow_src_last_pkt_time":1685647342398373,"flow_dst_last_pkt_time":1685647342398373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685647407833070,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":38913,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00842{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":20,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":20,"packets-processed":19,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1350,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":18,"total-detection-updates":0,"total-updates":4,"current-active-flows":2,"total-active-flows":18,"total-idle-flows":16,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":88,"global_ts_usec":1685647960810732} +00842{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":20,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":20,"packets-processed":19,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1350,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":18,"total-detection-updates":0,"total-updates":4,"current-active-flows":2,"total-active-flows":18,"total-idle-flows":16,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":88,"global_ts_usec":1685647960810732} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":20,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647960810732,"flow_src_last_pkt_time":1685647960810732,"flow_dst_last_pkt_time":1685647960810732,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685647960810732,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":60963,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":20,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":19,"flow_packet_id":1,"flow_src_last_pkt_time":1685647960810732,"flow_dst_last_pkt_time":1685647960810732,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685647960810732,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPURKLfIH5CeWo0lOO4jAasAJfxRAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":20,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647960810732,"flow_src_last_pkt_time":1685647960810732,"flow_dst_last_pkt_time":1685647960810732,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685647960810732,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":60963,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -95,13 +95,13 @@ 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":20,"flow_packet_id":1,"flow_src_last_pkt_time":1685648124700322,"flow_dst_last_pkt_time":1685648124700322,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685648124700322,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKL3IH5CeWpOrM6ErAasAJUlQAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685648124700322,"flow_src_last_pkt_time":1685648124700322,"flow_dst_last_pkt_time":1685648124700322,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685648124700322,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":41259,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647960810732,"flow_src_last_pkt_time":1685647960810732,"flow_dst_last_pkt_time":1685647960810732,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685648124700322,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":60963,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00842{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":22,"packets-processed":21,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1408,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":20,"total-detection-updates":0,"total-updates":5,"current-active-flows":2,"total-active-flows":20,"total-idle-flows":18,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":98,"global_ts_usec":1685648698148233} +00842{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":22,"packets-processed":21,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1408,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":20,"total-detection-updates":0,"total-updates":5,"current-active-flows":2,"total-active-flows":20,"total-idle-flows":18,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":98,"global_ts_usec":1685648698148233} 00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685648698148233,"flow_src_last_pkt_time":1685648698148233,"flow_dst_last_pkt_time":1685648698148233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685648698148233,"l3_proto":"ip4","src_ip":"62.230.4.248","dst_ip":"165.144.84.62","src_port":56007,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":1,"flow_src_last_pkt_time":1685648698148233,"flow_dst_last_pkt_time":1685648698148233,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685648698148233,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbM4+5gT4pZBUPtrHAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00943{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685648698148233,"flow_src_last_pkt_time":1685648698148233,"flow_dst_last_pkt_time":1685648698148233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685648698148233,"l3_proto":"ip4","src_ip":"62.230.4.248","dst_ip":"165.144.84.62","src_port":56007,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685647960810732,"flow_src_last_pkt_time":1685647960810732,"flow_dst_last_pkt_time":1685647960810732,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685648698148233,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":60963,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685648124700322,"flow_src_last_pkt_time":1685648124700322,"flow_dst_last_pkt_time":1685648124700322,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685648698148233,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":41259,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":23,"packets-processed":22,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1437,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":21,"total-detection-updates":0,"total-updates":5,"current-active-flows":1,"total-active-flows":21,"total-idle-flows":20,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":104,"global_ts_usec":1685650322996075} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":23,"packets-processed":22,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1437,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":21,"total-detection-updates":0,"total-updates":5,"current-active-flows":1,"total-active-flows":21,"total-idle-flows":20,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":104,"global_ts_usec":1685650322996075} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650322996075,"flow_src_last_pkt_time":1685650322996075,"flow_dst_last_pkt_time":1685650322996075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650322996075,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":52741,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":22,"flow_packet_id":1,"flow_src_last_pkt_time":1685650322996075,"flow_dst_last_pkt_time":1685650322996075,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685650322996075,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLHIH5CepXLKPc4FAasAJRxqAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650322996075,"flow_src_last_pkt_time":1685650322996075,"flow_dst_last_pkt_time":1685650322996075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650322996075,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":52741,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -114,18 +114,18 @@ 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":25,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":24,"flow_packet_id":1,"flow_src_last_pkt_time":1685650669220572,"flow_dst_last_pkt_time":1685650669220572,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685650669220572,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLLIH5CepZBUPqhCAasAJUIuAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":25,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650669220572,"flow_src_last_pkt_time":1685650669220572,"flow_dst_last_pkt_time":1685650669220572,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650669220572,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":43074,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650536282125,"flow_src_last_pkt_time":1685650536282125,"flow_dst_last_pkt_time":1685650536282125,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650669220572,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":39516,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":26,"packets-processed":25,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1524,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":24,"total-detection-updates":0,"total-updates":6,"current-active-flows":2,"total-active-flows":24,"total-idle-flows":22,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":117,"global_ts_usec":1685650926504967} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":26,"packets-processed":25,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1524,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":24,"total-detection-updates":0,"total-updates":6,"current-active-flows":2,"total-active-flows":24,"total-idle-flows":22,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":117,"global_ts_usec":1685650926504967} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650926504967,"flow_src_last_pkt_time":1685650926504967,"flow_dst_last_pkt_time":1685650926504967,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650926504967,"l3_proto":"ip4","src_ip":"198.229.224.110","dst_ip":"90.145.180.58","src_port":56395,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":25,"flow_packet_id":1,"flow_src_last_pkt_time":1685650926504967,"flow_dst_last_pkt_time":1685650926504967,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685650926504967,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPoRbJPG5eBuWpG0OtxLAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650926504967,"flow_src_last_pkt_time":1685650926504967,"flow_dst_last_pkt_time":1685650926504967,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650926504967,"l3_proto":"ip4","src_ip":"198.229.224.110","dst_ip":"90.145.180.58","src_port":56395,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":27,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650536282125,"flow_src_last_pkt_time":1685650536282125,"flow_dst_last_pkt_time":1685650536282125,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650926504967,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":39516,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":27,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650669220572,"flow_src_last_pkt_time":1685650669220572,"flow_dst_last_pkt_time":1685650669220572,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685650926504967,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":43074,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":27,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":27,"packets-processed":26,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1553,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":25,"total-detection-updates":0,"total-updates":6,"current-active-flows":1,"total-active-flows":25,"total-idle-flows":24,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":123,"global_ts_usec":1685653377845672} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":27,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":27,"packets-processed":26,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1553,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":25,"total-detection-updates":0,"total-updates":6,"current-active-flows":1,"total-active-flows":25,"total-idle-flows":24,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":123,"global_ts_usec":1685653377845672} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":27,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685653377845672,"flow_src_last_pkt_time":1685653377845672,"flow_dst_last_pkt_time":1685653377845672,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685653377845672,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.144.84.62","src_port":27095,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00580{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":27,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":26,"flow_packet_id":1,"flow_src_last_pkt_time":1685653377845672,"flow_dst_last_pkt_time":1685653377845672,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1685653377845672,"pkt":"AAwp30Y4PJTVQTiBCABFAABSlBMAAG4Rf4VDnxCWpZBUPmnXAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":27,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685653377845672,"flow_src_last_pkt_time":1685653377845672,"flow_dst_last_pkt_time":1685653377845672,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685653377845672,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.144.84.62","src_port":27095,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":28,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685650926504967,"flow_src_last_pkt_time":1685650926504967,"flow_dst_last_pkt_time":1685650926504967,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685653377845672,"l3_proto":"ip4","src_ip":"198.229.224.110","dst_ip":"90.145.180.58","src_port":56395,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":28,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":28,"packets-processed":27,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1607,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":26,"total-detection-updates":0,"total-updates":6,"current-active-flows":1,"total-active-flows":26,"total-idle-flows":25,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":128,"global_ts_usec":1685656813046229} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":28,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":28,"packets-processed":27,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1607,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":26,"total-detection-updates":0,"total-updates":6,"current-active-flows":1,"total-active-flows":26,"total-idle-flows":25,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":128,"global_ts_usec":1685656813046229} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":28,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685656813046229,"flow_src_last_pkt_time":1685656813046229,"flow_dst_last_pkt_time":1685656813046229,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685656813046229,"l3_proto":"ip4","src_ip":"217.217.186.39","dst_ip":"186.112.202.53","src_port":52663,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":28,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":27,"flow_packet_id":1,"flow_src_last_pkt_time":1685656813046229,"flow_dst_last_pkt_time":1685656813046229,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685656813046229,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRbWnZ2bonunDKNc23AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":28,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685656813046229,"flow_src_last_pkt_time":1685656813046229,"flow_dst_last_pkt_time":1685656813046229,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685656813046229,"l3_proto":"ip4","src_ip":"217.217.186.39","dst_ip":"186.112.202.53","src_port":52663,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -134,7 +134,7 @@ 00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":29,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":1,"flow_src_last_pkt_time":1685657160451708,"flow_dst_last_pkt_time":1685657160451708,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685657160451708,"pkt":"bpHurUgdPJTVQTiBCABFCABLsZ4AACIRGQ0j\/EVxRW27NmYwAasAN7uVAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":29,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685657160451708,"flow_src_last_pkt_time":1685657160451708,"flow_dst_last_pkt_time":1685657160451708,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685657160451708,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"69.109.187.54","src_port":26160,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685656813046229,"flow_src_last_pkt_time":1685656813046229,"flow_dst_last_pkt_time":1685656813046229,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685657160451708,"l3_proto":"ip4","src_ip":"217.217.186.39","dst_ip":"186.112.202.53","src_port":52663,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":30,"packets-processed":29,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1683,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":28,"total-detection-updates":0,"total-updates":6,"current-active-flows":1,"total-active-flows":28,"total-idle-flows":27,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":137,"global_ts_usec":1685719505759316} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":30,"packets-processed":29,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1683,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":28,"total-detection-updates":0,"total-updates":6,"current-active-flows":1,"total-active-flows":28,"total-idle-flows":27,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":137,"global_ts_usec":1685719505759316} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685719505759316,"flow_src_last_pkt_time":1685719505759316,"flow_dst_last_pkt_time":1685719505759316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685719505759316,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"90.141.37.56","src_port":45441,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":1,"flow_src_last_pkt_time":1685719505759316,"flow_dst_last_pkt_time":1685719505759316,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685719505759316,"pkt":"3jHC4dyOPJTVQTiBCABFAABL9UAAACcR3eciZn14Wo0lOLGBAasAN325AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00950{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685719505759316,"flow_src_last_pkt_time":1685719505759316,"flow_dst_last_pkt_time":1685719505759316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685719505759316,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"90.141.37.56","src_port":45441,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -143,12 +143,12 @@ 00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":31,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":1,"flow_src_last_pkt_time":1685719700086818,"flow_dst_last_pkt_time":1685719700086818,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685719700086818,"pkt":"AAwp30Y4PJTVQTiBCABFCABLINwAACQRo44bhqncWpOrM+VDAasANzhBAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":31,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685719700086818,"flow_src_last_pkt_time":1685719700086818,"flow_dst_last_pkt_time":1685719700086818,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685719700086818,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.147.171.51","src_port":58691,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00989{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685719505759316,"flow_src_last_pkt_time":1685719505759316,"flow_dst_last_pkt_time":1685719505759316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685719700086818,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"90.141.37.56","src_port":45441,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":32,"packets-processed":31,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1777,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":30,"total-detection-updates":0,"total-updates":6,"current-active-flows":1,"total-active-flows":30,"total-idle-flows":29,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":146,"global_ts_usec":1685722352249009} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":32,"packets-processed":31,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1777,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":30,"total-detection-updates":0,"total-updates":6,"current-active-flows":1,"total-active-flows":30,"total-idle-flows":29,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":146,"global_ts_usec":1685722352249009} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685722352249009,"flow_src_last_pkt_time":1685722352249009,"flow_dst_last_pkt_time":1685722352249009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685722352249009,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":33386,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":31,"flow_packet_id":1,"flow_src_last_pkt_time":1685722352249009,"flow_dst_last_pkt_time":1685722352249009,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685722352249009,"pkt":"xmjqc4OdPJTVQTiBCABFCAB+1DEAAOsREgyGtJCVunDKNYJqAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685722352249009,"flow_src_last_pkt_time":1685722352249009,"flow_dst_last_pkt_time":1685722352249009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685722352249009,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":33386,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":33,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685719700086818,"flow_src_last_pkt_time":1685719700086818,"flow_dst_last_pkt_time":1685719700086818,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685722352249009,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.147.171.51","src_port":58691,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":33,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":33,"packets-processed":32,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1875,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":31,"total-detection-updates":0,"total-updates":6,"current-active-flows":1,"total-active-flows":31,"total-idle-flows":30,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":151,"global_ts_usec":1685724063085340} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":33,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":33,"packets-processed":32,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1875,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":31,"total-detection-updates":0,"total-updates":6,"current-active-flows":1,"total-active-flows":31,"total-idle-flows":30,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":151,"global_ts_usec":1685724063085340} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":33,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685724063085340,"flow_src_last_pkt_time":1685724063085340,"flow_dst_last_pkt_time":1685724063085340,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685724063085340,"l3_proto":"ip4","src_ip":"36.231.109.217","dst_ip":"90.145.180.58","src_port":50939,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":33,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":32,"flow_packet_id":1,"flow_src_last_pkt_time":1685724063085340,"flow_dst_last_pkt_time":1685724063085340,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685724063085340,"pkt":"bs1PogZtPJTVQTiBCABFCABLVAkAACQRcFsk523ZWpG0Osb7AasAN1aDAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":33,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685724063085340,"flow_src_last_pkt_time":1685724063085340,"flow_dst_last_pkt_time":1685724063085340,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685724063085340,"l3_proto":"ip4","src_ip":"36.231.109.217","dst_ip":"90.145.180.58","src_port":50939,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -161,7 +161,7 @@ 00644{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":35,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":34,"flow_packet_id":1,"flow_src_last_pkt_time":1685724460743313,"flow_dst_last_pkt_time":1685724460743313,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685724460743313,"pkt":"moT+\/Ph8PJTVQTiBCABFCAB+1DEAAOsREgK2tHiLVW80OeZaAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":35,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685724460743313,"flow_src_last_pkt_time":1685724460743313,"flow_dst_last_pkt_time":1685724460743313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685724460743313,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"85.111.52.57","src_port":58970,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685724385340729,"flow_src_last_pkt_time":1685724385340729,"flow_dst_last_pkt_time":1685724385340729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685724460743313,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"90.111.212.50","src_port":41334,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":36,"packets-processed":35,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2067,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":34,"total-detection-updates":0,"total-updates":7,"current-active-flows":2,"total-active-flows":34,"total-idle-flows":32,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":164,"global_ts_usec":1685725477275419} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":36,"packets-processed":35,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2067,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":34,"total-detection-updates":0,"total-updates":7,"current-active-flows":2,"total-active-flows":34,"total-idle-flows":32,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":164,"global_ts_usec":1685725477275419} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725477275419,"flow_src_last_pkt_time":1685725477275419,"flow_dst_last_pkt_time":1685725477275419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725477275419,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.111.212.50","src_port":55489,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00644{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":1,"flow_src_last_pkt_time":1685725477275419,"flow_dst_last_pkt_time":1685725477275419,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685725477275419,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRCZXItJByWm\/UMtjBAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725477275419,"flow_src_last_pkt_time":1685725477275419,"flow_dst_last_pkt_time":1685725477275419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725477275419,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.111.212.50","src_port":55489,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -180,7 +180,7 @@ 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":39,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725970240675,"flow_src_last_pkt_time":1685725970240675,"flow_dst_last_pkt_time":1685725970240675,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725970240675,"l3_proto":"ip4","src_ip":"47.123.189.155","dst_ip":"90.147.171.51","src_port":56038,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725705626703,"flow_src_last_pkt_time":1685725705626703,"flow_dst_last_pkt_time":1685725705626703,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725970240675,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.114.202.61","src_port":60983,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":37,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685725834402274,"flow_src_last_pkt_time":1685725834402274,"flow_dst_last_pkt_time":1685725834402274,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685725970240675,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"90.141.37.56","src_port":38679,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":40,"packets-processed":39,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2459,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":38,"total-detection-updates":0,"total-updates":9,"current-active-flows":2,"total-active-flows":38,"total-idle-flows":36,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":183,"global_ts_usec":1685726470530729} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":40,"packets-processed":39,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2459,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":38,"total-detection-updates":0,"total-updates":9,"current-active-flows":2,"total-active-flows":38,"total-idle-flows":36,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":183,"global_ts_usec":1685726470530729} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685726470530729,"flow_src_last_pkt_time":1685726470530729,"flow_dst_last_pkt_time":1685726470530729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685726470530729,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"74.111.203.55","src_port":48096,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":39,"flow_packet_id":1,"flow_src_last_pkt_time":1685726470530729,"flow_dst_last_pkt_time":1685726470530729,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685726470530729,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAPARDNBGtG\/xSm\/LN7vgAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685726470530729,"flow_src_last_pkt_time":1685726470530729,"flow_dst_last_pkt_time":1685726470530729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685726470530729,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"74.111.203.55","src_port":48096,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -190,43 +190,43 @@ 00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":40,"flow_packet_id":1,"flow_src_last_pkt_time":1685726834568415,"flow_dst_last_pkt_time":1685726834568415,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685726834568415,"pkt":"bs1PogZtPJTVQTiBCABFCAB+1DEAAOsREgC2tHiLWpG0OrXjAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685726834568415,"flow_src_last_pkt_time":1685726834568415,"flow_dst_last_pkt_time":1685726834568415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685726834568415,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.145.180.58","src_port":46563,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":42,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685726470530729,"flow_src_last_pkt_time":1685726470530729,"flow_dst_last_pkt_time":1685726470530729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685726834568415,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"74.111.203.55","src_port":48096,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":42,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":42,"packets-processed":41,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2655,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":40,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":40,"total-idle-flows":39,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":193,"global_ts_usec":1685731799713540} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":42,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":42,"packets-processed":41,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2655,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":40,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":40,"total-idle-flows":39,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":193,"global_ts_usec":1685731799713540} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":42,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685731799713540,"flow_src_last_pkt_time":1685731799713540,"flow_dst_last_pkt_time":1685731799713540,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685731799713540,"l3_proto":"ip4","src_ip":"218.19.29.186","dst_ip":"90.111.212.50","src_port":56315,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":42,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":41,"flow_packet_id":1,"flow_src_last_pkt_time":1685731799713540,"flow_dst_last_pkt_time":1685731799713540,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685731799713540,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbPbaEx26Wm\/UMtv7AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":42,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685731799713540,"flow_src_last_pkt_time":1685731799713540,"flow_dst_last_pkt_time":1685731799713540,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685731799713540,"l3_proto":"ip4","src_ip":"218.19.29.186","dst_ip":"90.111.212.50","src_port":56315,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":43,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":40,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685726834568415,"flow_src_last_pkt_time":1685726834568415,"flow_dst_last_pkt_time":1685726834568415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685731799713540,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.145.180.58","src_port":46563,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":43,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":43,"packets-processed":42,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2684,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":41,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":41,"total-idle-flows":40,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":198,"global_ts_usec":1685734492958804} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":43,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":43,"packets-processed":42,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2684,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":41,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":41,"total-idle-flows":40,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":198,"global_ts_usec":1685734492958804} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":43,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685734492958804,"flow_src_last_pkt_time":1685734492958804,"flow_dst_last_pkt_time":1685734492958804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685734492958804,"l3_proto":"ip4","src_ip":"186.213.158.225","dst_ip":"69.109.187.54","src_port":51349,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":43,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":42,"flow_packet_id":1,"flow_src_last_pkt_time":1685734492958804,"flow_dst_last_pkt_time":1685734492958804,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685734492958804,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPoRbOC61Z7hRW27NsiVAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":43,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685734492958804,"flow_src_last_pkt_time":1685734492958804,"flow_dst_last_pkt_time":1685734492958804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685734492958804,"l3_proto":"ip4","src_ip":"186.213.158.225","dst_ip":"69.109.187.54","src_port":51349,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685731799713540,"flow_src_last_pkt_time":1685731799713540,"flow_dst_last_pkt_time":1685731799713540,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685734492958804,"l3_proto":"ip4","src_ip":"218.19.29.186","dst_ip":"90.111.212.50","src_port":56315,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":44,"packets-processed":43,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2713,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":42,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":42,"total-idle-flows":41,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":203,"global_ts_usec":1685736988753451} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":44,"packets-processed":43,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2713,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":42,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":42,"total-idle-flows":41,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":203,"global_ts_usec":1685736988753451} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685736988753451,"flow_src_last_pkt_time":1685736988753451,"flow_dst_last_pkt_time":1685736988753451,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685736988753451,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"90.141.37.56","src_port":7086,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":43,"flow_packet_id":1,"flow_src_last_pkt_time":1685736988753451,"flow_dst_last_pkt_time":1685736988753451,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685736988753451,"pkt":"3jHC4dyOPJTVQTiBCABFCABLe9YAACQRSJTn33nVWo0lOBuuAasANwHXAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685736988753451,"flow_src_last_pkt_time":1685736988753451,"flow_dst_last_pkt_time":1685736988753451,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685736988753451,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"90.141.37.56","src_port":7086,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":45,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":42,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685734492958804,"flow_src_last_pkt_time":1685734492958804,"flow_dst_last_pkt_time":1685734492958804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685736988753451,"l3_proto":"ip4","src_ip":"186.213.158.225","dst_ip":"69.109.187.54","src_port":51349,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":45,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":45,"packets-processed":44,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2760,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":43,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":43,"total-idle-flows":42,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":208,"global_ts_usec":1685741033951129} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":45,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":45,"packets-processed":44,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2760,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":43,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":43,"total-idle-flows":42,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":208,"global_ts_usec":1685741033951129} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":45,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685741033951129,"flow_src_last_pkt_time":1685741033951129,"flow_dst_last_pkt_time":1685741033951129,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685741033951129,"l3_proto":"ip4","src_ip":"20.133.112.32","dst_ip":"165.114.202.61","src_port":11510,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00580{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":45,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":44,"flow_packet_id":1,"flow_src_last_pkt_time":1685741033951129,"flow_dst_last_pkt_time":1685741033951129,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1685741033951129,"pkt":"AAwp30Y4PJTVQTiBCABFCABSKPYAACgRnOcUhXAgpXLKPSz2AasAPogCAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":45,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685741033951129,"flow_src_last_pkt_time":1685741033951129,"flow_dst_last_pkt_time":1685741033951129,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685741033951129,"l3_proto":"ip4","src_ip":"20.133.112.32","dst_ip":"165.114.202.61","src_port":11510,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00580{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":46,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":44,"flow_packet_id":2,"flow_src_last_pkt_time":1685741033951143,"flow_dst_last_pkt_time":1685741033951129,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1685741033951143,"pkt":"AAwp30Y4PJTVQTiBCABFCABSKPYAACgRnOcUhXAgpXLKPSz2AasAPogCAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":47,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685736988753451,"flow_src_last_pkt_time":1685736988753451,"flow_dst_last_pkt_time":1685736988753451,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685741033951143,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"90.141.37.56","src_port":7086,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":47,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":47,"packets-processed":46,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2868,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":44,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":44,"total-idle-flows":43,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":214,"global_ts_usec":1685749458942275} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":47,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":47,"packets-processed":46,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2868,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":44,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":44,"total-idle-flows":43,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":214,"global_ts_usec":1685749458942275} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":47,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685749458942275,"flow_src_last_pkt_time":1685749458942275,"flow_dst_last_pkt_time":1685749458942275,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685749458942275,"l3_proto":"ip4","src_ip":"83.48.216.235","dst_ip":"186.112.202.53","src_port":51745,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":47,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":45,"flow_packet_id":1,"flow_src_last_pkt_time":1685749458942275,"flow_dst_last_pkt_time":1685749458942275,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685749458942275,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRYABTMNjrunDKNcohAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":47,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685749458942275,"flow_src_last_pkt_time":1685749458942275,"flow_dst_last_pkt_time":1685749458942275,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685749458942275,"l3_proto":"ip4","src_ip":"83.48.216.235","dst_ip":"186.112.202.53","src_port":51745,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":48,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":44,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1685741033951129,"flow_src_last_pkt_time":1685741033951143,"flow_dst_last_pkt_time":1685741033951129,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":108,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685749458942275,"l3_proto":"ip4","src_ip":"20.133.112.32","dst_ip":"165.114.202.61","src_port":11510,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":48,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":48,"packets-processed":47,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2897,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":45,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":45,"total-idle-flows":44,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":219,"global_ts_usec":1685750473996900} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":48,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":48,"packets-processed":47,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2897,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":45,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":45,"total-idle-flows":44,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":219,"global_ts_usec":1685750473996900} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":48,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":46,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685750473996900,"flow_src_last_pkt_time":1685750473996900,"flow_dst_last_pkt_time":1685750473996900,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685750473996900,"l3_proto":"ip4","src_ip":"154.97.132.119","dst_ip":"165.144.84.62","src_port":64306,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":48,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":46,"flow_packet_id":1,"flow_src_last_pkt_time":1685750473996900,"flow_dst_last_pkt_time":1685750473996900,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685750473996900,"pkt":"AAwp30Y4PJTVQTiBCABFAABLscgAACcRIVOaYYR3pZBUPvsyAasANzP7AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":48,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":46,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685750473996900,"flow_src_last_pkt_time":1685750473996900,"flow_dst_last_pkt_time":1685750473996900,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685750473996900,"l3_proto":"ip4","src_ip":"154.97.132.119","dst_ip":"165.144.84.62","src_port":64306,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":49,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":45,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685749458942275,"flow_src_last_pkt_time":1685749458942275,"flow_dst_last_pkt_time":1685749458942275,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685750473996900,"l3_proto":"ip4","src_ip":"83.48.216.235","dst_ip":"186.112.202.53","src_port":51745,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":49,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":49,"packets-processed":48,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2944,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":46,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":46,"total-idle-flows":45,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":224,"global_ts_usec":1685754984415729} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":49,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":49,"packets-processed":48,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2944,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":46,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":46,"total-idle-flows":45,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":224,"global_ts_usec":1685754984415729} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":49,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685754984415729,"flow_src_last_pkt_time":1685754984415729,"flow_dst_last_pkt_time":1685754984415729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685754984415729,"l3_proto":"ip4","src_ip":"83.48.216.235","dst_ip":"90.145.180.58","src_port":56358,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":49,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":47,"flow_packet_id":1,"flow_src_last_pkt_time":1685754984415729,"flow_dst_last_pkt_time":1685754984415729,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685754984415729,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPoRXvtTMNjrWpG0OtwmAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":49,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685754984415729,"flow_src_last_pkt_time":1685754984415729,"flow_dst_last_pkt_time":1685754984415729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685754984415729,"l3_proto":"ip4","src_ip":"83.48.216.235","dst_ip":"90.145.180.58","src_port":56358,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":50,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":46,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685750473996900,"flow_src_last_pkt_time":1685750473996900,"flow_dst_last_pkt_time":1685750473996900,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685754984415729,"l3_proto":"ip4","src_ip":"154.97.132.119","dst_ip":"165.144.84.62","src_port":64306,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":50,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":50,"packets-processed":49,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2973,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":47,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":47,"total-idle-flows":46,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":229,"global_ts_usec":1685757305453914} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":50,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":50,"packets-processed":49,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2973,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":47,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":47,"total-idle-flows":46,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":229,"global_ts_usec":1685757305453914} 00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":50,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685757305453914,"flow_src_last_pkt_time":1685757305453914,"flow_dst_last_pkt_time":1685757305453914,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685757305453914,"l3_proto":"ip4","src_ip":"72.30.8.39","dst_ip":"90.111.212.50","src_port":43690,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":50,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":48,"flow_packet_id":1,"flow_src_last_pkt_time":1685757305453914,"flow_dst_last_pkt_time":1685757305453914,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685757305453914,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+GZhAADQR3IJIHggnWm\/UMqqqAasAKnQsAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00941{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":50,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685757305453914,"flow_src_last_pkt_time":1685757305453914,"flow_dst_last_pkt_time":1685757305453914,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685757305453914,"l3_proto":"ip4","src_ip":"72.30.8.39","dst_ip":"90.111.212.50","src_port":43690,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -235,7 +235,7 @@ 00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":51,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":49,"flow_packet_id":1,"flow_src_last_pkt_time":1685757594807526,"flow_dst_last_pkt_time":1685757594807526,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685757594807526,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+4kRAADQRE8lHJggvWo0lOKbBAasAKngIAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00940{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":51,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685757594807526,"flow_src_last_pkt_time":1685757594807526,"flow_dst_last_pkt_time":1685757594807526,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685757594807526,"l3_proto":"ip4","src_ip":"71.38.8.47","dst_ip":"90.141.37.56","src_port":42689,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00980{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":52,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685757305453914,"flow_src_last_pkt_time":1685757305453914,"flow_dst_last_pkt_time":1685757305453914,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685757594807526,"l3_proto":"ip4","src_ip":"72.30.8.39","dst_ip":"90.111.212.50","src_port":43690,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":52,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":52,"packets-processed":51,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3041,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":49,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":49,"total-idle-flows":48,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":238,"global_ts_usec":1685758217856293} +00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":52,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":52,"packets-processed":51,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3041,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":49,"total-detection-updates":0,"total-updates":9,"current-active-flows":1,"total-active-flows":49,"total-idle-flows":48,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":238,"global_ts_usec":1685758217856293} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":52,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758217856293,"flow_src_last_pkt_time":1685758217856293,"flow_dst_last_pkt_time":1685758217856293,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758217856293,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"165.144.84.62","src_port":12409,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":52,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":50,"flow_packet_id":1,"flow_src_last_pkt_time":1685758217856293,"flow_dst_last_pkt_time":1685758217856293,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685758217856293,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+f25AADQRdoJ5avcUpZBUPjB5AasAKu4zAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":52,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758217856293,"flow_src_last_pkt_time":1685758217856293,"flow_dst_last_pkt_time":1685758217856293,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758217856293,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"165.144.84.62","src_port":12409,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -249,7 +249,7 @@ 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":54,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758497495915,"flow_src_last_pkt_time":1685758497495915,"flow_dst_last_pkt_time":1685758497495915,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758497495915,"l3_proto":"ip4","src_ip":"185.225.247.8","dst_ip":"165.114.202.61","src_port":48375,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":55,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758217856293,"flow_src_last_pkt_time":1685758217856293,"flow_dst_last_pkt_time":1685758217856293,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758497495915,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"165.144.84.62","src_port":12409,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00982{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":55,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758396547203,"flow_src_last_pkt_time":1685758396547203,"flow_dst_last_pkt_time":1685758396547203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758497495915,"l3_proto":"ip4","src_ip":"55.94.8.63","dst_ip":"90.145.180.58","src_port":43995,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":55,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":55,"packets-processed":54,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3143,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":52,"total-detection-updates":0,"total-updates":11,"current-active-flows":2,"total-active-flows":52,"total-idle-flows":50,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":252,"global_ts_usec":1685758883587256} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":55,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":55,"packets-processed":54,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3143,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":52,"total-detection-updates":0,"total-updates":11,"current-active-flows":2,"total-active-flows":52,"total-idle-flows":50,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":252,"global_ts_usec":1685758883587256} 00773{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":55,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758883587256,"flow_src_last_pkt_time":1685758883587256,"flow_dst_last_pkt_time":1685758883587256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758883587256,"l3_proto":"ip4","src_ip":"121.82.8.7","dst_ip":"85.111.52.57","src_port":60170,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":55,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":53,"flow_packet_id":1,"flow_src_last_pkt_time":1685758883587256,"flow_dst_last_pkt_time":1685758883587256,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685758883587256,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+3xBAADQRFtB5UggHVW80OesKAasAKjOSAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00940{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":55,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758883587256,"flow_src_last_pkt_time":1685758883587256,"flow_dst_last_pkt_time":1685758883587256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685758883587256,"l3_proto":"ip4","src_ip":"121.82.8.7","dst_ip":"85.111.52.57","src_port":60170,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -259,7 +259,7 @@ 00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":56,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":54,"flow_packet_id":1,"flow_src_last_pkt_time":1685759315778010,"flow_dst_last_pkt_time":1685759315778010,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685759315778010,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+7TlAADQRCL55avcUunDKNdiyAasAKkYBAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":56,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685759315778010,"flow_src_last_pkt_time":1685759315778010,"flow_dst_last_pkt_time":1685759315778010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685759315778010,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"186.112.202.53","src_port":55474,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00979{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":57,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":53,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685758883587256,"flow_src_last_pkt_time":1685758883587256,"flow_dst_last_pkt_time":1685758883587256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685759315778010,"l3_proto":"ip4","src_ip":"121.82.8.7","dst_ip":"85.111.52.57","src_port":60170,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":57,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":57,"packets-processed":56,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3211,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":54,"total-detection-updates":0,"total-updates":11,"current-active-flows":1,"total-active-flows":54,"total-idle-flows":53,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":262,"global_ts_usec":1685759582800435} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":57,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":57,"packets-processed":56,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3211,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":54,"total-detection-updates":0,"total-updates":11,"current-active-flows":1,"total-active-flows":54,"total-idle-flows":53,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":262,"global_ts_usec":1685759582800435} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":57,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685759582800435,"flow_src_last_pkt_time":1685759582800435,"flow_dst_last_pkt_time":1685759582800435,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685759582800435,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"90.147.171.51","src_port":55474,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":57,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":55,"flow_packet_id":1,"flow_src_last_pkt_time":1685759582800435,"flow_dst_last_pkt_time":1685759582800435,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685759582800435,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+PaVAADQRuFZ5avcUWpOrM9iyAasAKkYFAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":57,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685759582800435,"flow_src_last_pkt_time":1685759582800435,"flow_dst_last_pkt_time":1685759582800435,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685759582800435,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"90.147.171.51","src_port":55474,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -268,7 +268,7 @@ 00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":58,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":56,"flow_packet_id":1,"flow_src_last_pkt_time":1685759668286856,"flow_dst_last_pkt_time":1685759668286856,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685759668286856,"pkt":"ipffLU2SPJTVQTiBCABFAAA+WVBAADQRnKXIYfcYSm\/LN1ZsAasAKshFAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":58,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685759668286856,"flow_src_last_pkt_time":1685759668286856,"flow_dst_last_pkt_time":1685759668286856,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685759668286856,"l3_proto":"ip4","src_ip":"200.97.247.24","dst_ip":"74.111.203.55","src_port":22124,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":59,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685759582800435,"flow_src_last_pkt_time":1685759582800435,"flow_dst_last_pkt_time":1685759582800435,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685759668286856,"l3_proto":"ip4","src_ip":"121.106.247.20","dst_ip":"90.147.171.51","src_port":55474,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":59,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":59,"packets-processed":58,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3279,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":56,"total-detection-updates":0,"total-updates":12,"current-active-flows":2,"total-active-flows":56,"total-idle-flows":54,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":271,"global_ts_usec":1685761109424998} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":59,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":59,"packets-processed":58,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3279,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":56,"total-detection-updates":0,"total-updates":12,"current-active-flows":2,"total-active-flows":56,"total-idle-flows":54,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":271,"global_ts_usec":1685761109424998} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":59,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761109424998,"flow_src_last_pkt_time":1685761109424998,"flow_dst_last_pkt_time":1685761109424998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685761109424998,"l3_proto":"ip4","src_ip":"121.35.244.56","dst_ip":"90.145.180.58","src_port":30580,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00581{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":59,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":57,"flow_packet_id":1,"flow_src_last_pkt_time":1685761109424998,"flow_dst_last_pkt_time":1685761109424998,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1685761109424998,"pkt":"bs1PogZtPJTVQTiBCABFBABS6itAACERQQR5I\/Q4WpG0Ond0AasAPtvSAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":59,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761109424998,"flow_src_last_pkt_time":1685761109424998,"flow_dst_last_pkt_time":1685761109424998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685761109424998,"l3_proto":"ip4","src_ip":"121.35.244.56","dst_ip":"90.145.180.58","src_port":30580,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -283,74 +283,74 @@ 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":61,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761390202624,"flow_src_last_pkt_time":1685761390202624,"flow_dst_last_pkt_time":1685761390202624,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685761390202624,"l3_proto":"ip4","src_ip":"38.236.38.224","dst_ip":"165.114.202.61","src_port":52729,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":62,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761109424998,"flow_src_last_pkt_time":1685761109424998,"flow_dst_last_pkt_time":1685761109424998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685761390202624,"l3_proto":"ip4","src_ip":"121.35.244.56","dst_ip":"90.145.180.58","src_port":30580,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":62,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":58,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761214200787,"flow_src_last_pkt_time":1685761214200787,"flow_dst_last_pkt_time":1685761214200787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685761390202624,"l3_proto":"ip4","src_ip":"154.96.5.121","dst_ip":"69.109.187.54","src_port":26060,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":62,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":62,"packets-processed":61,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3409,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":59,"total-detection-updates":0,"total-updates":14,"current-active-flows":2,"total-active-flows":59,"total-idle-flows":57,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":286,"global_ts_usec":1685764555721287} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":62,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":62,"packets-processed":61,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3409,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":59,"total-detection-updates":0,"total-updates":14,"current-active-flows":2,"total-active-flows":59,"total-idle-flows":57,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":286,"global_ts_usec":1685764555721287} 00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":62,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685764555721287,"flow_src_last_pkt_time":1685764555721287,"flow_dst_last_pkt_time":1685764555721287,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685764555721287,"l3_proto":"ip4","src_ip":"69.230.164.78","dst_ip":"90.141.37.56","src_port":55275,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":62,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":60,"flow_packet_id":1,"flow_src_last_pkt_time":1685764555721287,"flow_dst_last_pkt_time":1685764555721287,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685764555721287,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPkRbXpF5qROWo0lONfrAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00943{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":62,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685764555721287,"flow_src_last_pkt_time":1685764555721287,"flow_dst_last_pkt_time":1685764555721287,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685764555721287,"l3_proto":"ip4","src_ip":"69.230.164.78","dst_ip":"90.141.37.56","src_port":55275,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":63,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761390202624,"flow_src_last_pkt_time":1685761390202624,"flow_dst_last_pkt_time":1685761390202624,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685764555721287,"l3_proto":"ip4","src_ip":"38.236.38.224","dst_ip":"165.114.202.61","src_port":52729,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00982{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":63,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":58,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685761214200787,"flow_src_last_pkt_time":1685761214200787,"flow_dst_last_pkt_time":1685761214200787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685764555721287,"l3_proto":"ip4","src_ip":"154.96.5.121","dst_ip":"69.109.187.54","src_port":26060,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":63,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":63,"packets-processed":62,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3438,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":60,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":60,"total-idle-flows":59,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":292,"global_ts_usec":1685765514548491} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":63,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":63,"packets-processed":62,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3438,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":60,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":60,"total-idle-flows":59,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":292,"global_ts_usec":1685765514548491} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":63,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685765514548491,"flow_src_last_pkt_time":1685765514548491,"flow_dst_last_pkt_time":1685765514548491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685765514548491,"l3_proto":"ip4","src_ip":"235.98.65.133","dst_ip":"165.144.84.62","src_port":31778,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00580{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":63,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":61,"flow_packet_id":1,"flow_src_last_pkt_time":1685765514548491,"flow_dst_last_pkt_time":1685765514548491,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1685765514548491,"pkt":"AAwp30Y4PJTVQTiBCABFBABSeCIAADQRBE3rYkGFpZBUPnwiAasAPvtjAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":63,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685765514548491,"flow_src_last_pkt_time":1685765514548491,"flow_dst_last_pkt_time":1685765514548491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685765514548491,"l3_proto":"ip4","src_ip":"235.98.65.133","dst_ip":"165.144.84.62","src_port":31778,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00580{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":64,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":61,"flow_packet_id":2,"flow_src_last_pkt_time":1685765514548505,"flow_dst_last_pkt_time":1685765514548491,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1685765514548505,"pkt":"AAwp30Y4PJTVQTiBCABFBABSeCIAADQRBE3rYkGFpZBUPnwiAasAPvtjAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00982{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":65,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685764555721287,"flow_src_last_pkt_time":1685764555721287,"flow_dst_last_pkt_time":1685764555721287,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685765514548505,"l3_proto":"ip4","src_ip":"69.230.164.78","dst_ip":"90.141.37.56","src_port":55275,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":65,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":65,"packets-processed":64,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3546,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":61,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":61,"total-idle-flows":60,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":298,"global_ts_usec":1685768356139839} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":65,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":65,"packets-processed":64,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3546,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":61,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":61,"total-idle-flows":60,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":298,"global_ts_usec":1685768356139839} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":65,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685768356139839,"flow_src_last_pkt_time":1685768356139839,"flow_dst_last_pkt_time":1685768356139839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685768356139839,"l3_proto":"ip4","src_ip":"88.31.110.219","dst_ip":"186.112.202.53","src_port":50660,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":65,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":62,"flow_packet_id":1,"flow_src_last_pkt_time":1685768356139839,"flow_dst_last_pkt_time":1685768356139839,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685768356139839,"pkt":"xmjqc4OdPJTVQTiBCABFCABLLsoAACQRlZ5YH27bunDKNcXkAasAN1eeAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":65,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685768356139839,"flow_src_last_pkt_time":1685768356139839,"flow_dst_last_pkt_time":1685768356139839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685768356139839,"l3_proto":"ip4","src_ip":"88.31.110.219","dst_ip":"186.112.202.53","src_port":50660,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":66,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1685765514548491,"flow_src_last_pkt_time":1685765514548505,"flow_dst_last_pkt_time":1685765514548491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":108,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685768356139839,"l3_proto":"ip4","src_ip":"235.98.65.133","dst_ip":"165.144.84.62","src_port":31778,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":66,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":66,"packets-processed":65,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3593,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":62,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":62,"total-idle-flows":61,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":303,"global_ts_usec":1685771545738452} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":66,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":66,"packets-processed":65,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3593,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":62,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":62,"total-idle-flows":61,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":303,"global_ts_usec":1685771545738452} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":66,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685771545738452,"flow_src_last_pkt_time":1685771545738452,"flow_dst_last_pkt_time":1685771545738452,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685771545738452,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.114.202.61","src_port":62892,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":66,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":63,"flow_packet_id":1,"flow_src_last_pkt_time":1685771545738452,"flow_dst_last_pkt_time":1685771545738452,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685771545738452,"pkt":"AAwp30Y4PJTVQTiBCABFCABL4vwAACIR56cjAGRzpXLKPfWsAasANywSAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":66,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685771545738452,"flow_src_last_pkt_time":1685771545738452,"flow_dst_last_pkt_time":1685771545738452,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685771545738452,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.114.202.61","src_port":62892,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":62,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685768356139839,"flow_src_last_pkt_time":1685768356139839,"flow_dst_last_pkt_time":1685768356139839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685771545738452,"l3_proto":"ip4","src_ip":"88.31.110.219","dst_ip":"186.112.202.53","src_port":50660,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":67,"packets-processed":66,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3640,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":63,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":63,"total-idle-flows":62,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":308,"global_ts_usec":1685783660893661} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":67,"packets-processed":66,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3640,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":63,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":63,"total-idle-flows":62,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":308,"global_ts_usec":1685783660893661} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685783660893661,"flow_src_last_pkt_time":1685783660893661,"flow_dst_last_pkt_time":1685783660893661,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685783660893661,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"165.144.84.62","src_port":17423,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":64,"flow_packet_id":1,"flow_src_last_pkt_time":1685783660893661,"flow_dst_last_pkt_time":1685783660893661,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685783660893661,"pkt":"AAwp30Y4PJTVQTiBCABFAABLeWAAACcRWcMiZn14pZBUPkQPAasAN+smAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00951{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685783660893661,"flow_src_last_pkt_time":1685783660893661,"flow_dst_last_pkt_time":1685783660893661,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685783660893661,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"165.144.84.62","src_port":17423,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":68,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":63,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685771545738452,"flow_src_last_pkt_time":1685771545738452,"flow_dst_last_pkt_time":1685771545738452,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685783660893661,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.114.202.61","src_port":62892,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":68,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":68,"packets-processed":67,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3687,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":64,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":64,"total-idle-flows":63,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":313,"global_ts_usec":1685786055859235} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":68,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":68,"packets-processed":67,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3687,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":64,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":64,"total-idle-flows":63,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":313,"global_ts_usec":1685786055859235} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":68,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685786055859235,"flow_src_last_pkt_time":1685786055859235,"flow_dst_last_pkt_time":1685786055859235,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685786055859235,"l3_proto":"ip4","src_ip":"70.232.230.229","dst_ip":"85.111.52.57","src_port":51197,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":68,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":65,"flow_packet_id":1,"flow_src_last_pkt_time":1685786055859235,"flow_dst_last_pkt_time":1685786055859235,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685786055859235,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRbd9G6OblVW80Ocf9AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":68,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685786055859235,"flow_src_last_pkt_time":1685786055859235,"flow_dst_last_pkt_time":1685786055859235,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685786055859235,"l3_proto":"ip4","src_ip":"70.232.230.229","dst_ip":"85.111.52.57","src_port":51197,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00990{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":69,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":64,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685783660893661,"flow_src_last_pkt_time":1685783660893661,"flow_dst_last_pkt_time":1685783660893661,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685786055859235,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"165.144.84.62","src_port":17423,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":69,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":69,"packets-processed":68,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3716,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":65,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":65,"total-idle-flows":64,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":318,"global_ts_usec":1685786672936242} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":69,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":69,"packets-processed":68,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3716,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":65,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":65,"total-idle-flows":64,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":318,"global_ts_usec":1685786672936242} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":69,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":66,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685786672936242,"flow_src_last_pkt_time":1685786672936242,"flow_dst_last_pkt_time":1685786672936242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685786672936242,"l3_proto":"ip4","src_ip":"172.237.152.209","dst_ip":"165.144.84.62","src_port":51708,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":69,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":66,"flow_packet_id":1,"flow_src_last_pkt_time":1685786672936242,"flow_dst_last_pkt_time":1685786672936242,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685786672936242,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRX96s7ZjRpZBUPsn8AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":69,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":66,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685786672936242,"flow_src_last_pkt_time":1685786672936242,"flow_dst_last_pkt_time":1685786672936242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685786672936242,"l3_proto":"ip4","src_ip":"172.237.152.209","dst_ip":"165.144.84.62","src_port":51708,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":70,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":65,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685786055859235,"flow_src_last_pkt_time":1685786055859235,"flow_dst_last_pkt_time":1685786055859235,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685786672936242,"l3_proto":"ip4","src_ip":"70.232.230.229","dst_ip":"85.111.52.57","src_port":51197,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":70,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":70,"packets-processed":69,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3745,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":66,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":66,"total-idle-flows":65,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":323,"global_ts_usec":1685787446315396} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":70,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":70,"packets-processed":69,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3745,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":66,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":66,"total-idle-flows":65,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":323,"global_ts_usec":1685787446315396} 00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":70,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685787446315396,"flow_src_last_pkt_time":1685787446315396,"flow_dst_last_pkt_time":1685787446315396,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685787446315396,"l3_proto":"ip4","src_ip":"58.36.157.61","dst_ip":"74.111.203.55","src_port":53238,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":70,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":67,"flow_packet_id":1,"flow_src_last_pkt_time":1685787446315396,"flow_dst_last_pkt_time":1685787446315396,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685787446315396,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPoRbFE6JJ09Sm\/LN8\/2AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00943{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":70,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685787446315396,"flow_src_last_pkt_time":1685787446315396,"flow_dst_last_pkt_time":1685787446315396,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685787446315396,"l3_proto":"ip4","src_ip":"58.36.157.61","dst_ip":"74.111.203.55","src_port":53238,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":66,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685786672936242,"flow_src_last_pkt_time":1685786672936242,"flow_dst_last_pkt_time":1685786672936242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685787446315396,"l3_proto":"ip4","src_ip":"172.237.152.209","dst_ip":"165.144.84.62","src_port":51708,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":71,"packets-processed":70,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3774,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":67,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":67,"total-idle-flows":66,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":328,"global_ts_usec":1685789104454151} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":71,"packets-processed":70,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3774,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":67,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":67,"total-idle-flows":66,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":328,"global_ts_usec":1685789104454151} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":68,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685789104454151,"flow_src_last_pkt_time":1685789104454151,"flow_dst_last_pkt_time":1685789104454151,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685789104454151,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"85.111.52.57","src_port":37207,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":68,"flow_packet_id":1,"flow_src_last_pkt_time":1685789104454151,"flow_dst_last_pkt_time":1685789104454151,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685789104454151,"pkt":"moT+\/Ph8PJTVQTiBCABFCABLkZcAACQRMtHjhlHUVW80OZFXAasAN4wrAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":68,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685789104454151,"flow_src_last_pkt_time":1685789104454151,"flow_dst_last_pkt_time":1685789104454151,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685789104454151,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"85.111.52.57","src_port":37207,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00982{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":72,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685787446315396,"flow_src_last_pkt_time":1685787446315396,"flow_dst_last_pkt_time":1685787446315396,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685789104454151,"l3_proto":"ip4","src_ip":"58.36.157.61","dst_ip":"74.111.203.55","src_port":53238,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":72,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":72,"packets-processed":71,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3821,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":68,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":68,"total-idle-flows":67,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":333,"global_ts_usec":1685798769239701} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":72,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":72,"packets-processed":71,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3821,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":68,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":68,"total-idle-flows":67,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":333,"global_ts_usec":1685798769239701} 00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":72,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685798769239701,"flow_src_last_pkt_time":1685798769239701,"flow_dst_last_pkt_time":1685798769239701,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685798769239701,"l3_proto":"ip4","src_ip":"39.59.139.121","dst_ip":"85.111.52.57","src_port":51157,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":72,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":69,"flow_packet_id":1,"flow_src_last_pkt_time":1685798769239701,"flow_dst_last_pkt_time":1685798769239701,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685798769239701,"pkt":"moT+\/Ph8PJTVQTiBCABFCABL6mEAACIR4FInO4t5VW80OcfVAasAN1n5AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00943{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":72,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685798769239701,"flow_src_last_pkt_time":1685798769239701,"flow_dst_last_pkt_time":1685798769239701,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685798769239701,"l3_proto":"ip4","src_ip":"39.59.139.121","dst_ip":"85.111.52.57","src_port":51157,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":73,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":68,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685789104454151,"flow_src_last_pkt_time":1685789104454151,"flow_dst_last_pkt_time":1685789104454151,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685798769239701,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"85.111.52.57","src_port":37207,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":73,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":73,"packets-processed":72,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3868,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":69,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":69,"total-idle-flows":68,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":338,"global_ts_usec":1685802654160689} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":73,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":73,"packets-processed":72,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3868,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":69,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":69,"total-idle-flows":68,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":338,"global_ts_usec":1685802654160689} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":73,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":70,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685802654160689,"flow_src_last_pkt_time":1685802654160689,"flow_dst_last_pkt_time":1685802654160689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685802654160689,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.111.212.50","src_port":45177,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":73,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":70,"flow_packet_id":1,"flow_src_last_pkt_time":1685802654160689,"flow_dst_last_pkt_time":1685802654160689,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685802654160689,"pkt":"AAwp30Y4PJTVQTiBCABFCABLGncAACQRqffjhlHUWm\/UMrB5AasAN20PAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":73,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":70,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685802654160689,"flow_src_last_pkt_time":1685802654160689,"flow_dst_last_pkt_time":1685802654160689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685802654160689,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.111.212.50","src_port":45177,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00982{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":74,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685798769239701,"flow_src_last_pkt_time":1685798769239701,"flow_dst_last_pkt_time":1685798769239701,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685802654160689,"l3_proto":"ip4","src_ip":"39.59.139.121","dst_ip":"85.111.52.57","src_port":51157,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":74,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":74,"packets-processed":73,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3915,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":70,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":70,"total-idle-flows":69,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":343,"global_ts_usec":1685803636118223} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":74,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":74,"packets-processed":73,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3915,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":70,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":70,"total-idle-flows":69,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":343,"global_ts_usec":1685803636118223} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":74,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":71,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685803636118223,"flow_src_last_pkt_time":1685803636118223,"flow_dst_last_pkt_time":1685803636118223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685803636118223,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"165.114.202.61","src_port":47772,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":74,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":71,"flow_packet_id":1,"flow_src_last_pkt_time":1685803636118223,"flow_dst_last_pkt_time":1685803636118223,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685803636118223,"pkt":"AAwp30Y4PJTVQTiBCABFCABL\/N4AACQRx31nR5LepXLKPbqcAasAN2LaAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":74,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":71,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685803636118223,"flow_src_last_pkt_time":1685803636118223,"flow_dst_last_pkt_time":1685803636118223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685803636118223,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"165.114.202.61","src_port":47772,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":75,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":70,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685802654160689,"flow_src_last_pkt_time":1685802654160689,"flow_dst_last_pkt_time":1685802654160689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685803636118223,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.111.212.50","src_port":45177,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":75,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":75,"packets-processed":74,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3962,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":71,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":71,"total-idle-flows":70,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":348,"global_ts_usec":1685804974645010} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":75,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":75,"packets-processed":74,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3962,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":71,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":71,"total-idle-flows":70,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":348,"global_ts_usec":1685804974645010} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":75,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":72,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685804974645010,"flow_src_last_pkt_time":1685804974645010,"flow_dst_last_pkt_time":1685804974645010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685804974645010,"l3_proto":"ip4","src_ip":"238.132.112.150","dst_ip":"90.147.171.51","src_port":44248,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":75,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":72,"flow_packet_id":1,"flow_src_last_pkt_time":1685804974645010,"flow_dst_last_pkt_time":1685804974645010,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685804974645010,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpTLuhHCWWpOrM6zYAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":75,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":72,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685804974645010,"flow_src_last_pkt_time":1685804974645010,"flow_dst_last_pkt_time":1685804974645010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685804974645010,"l3_proto":"ip4","src_ip":"238.132.112.150","dst_ip":"90.147.171.51","src_port":44248,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":76,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":71,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685803636118223,"flow_src_last_pkt_time":1685803636118223,"flow_dst_last_pkt_time":1685803636118223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685804974645010,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"165.114.202.61","src_port":47772,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":76,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":76,"packets-processed":75,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":4060,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":72,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":72,"total-idle-flows":71,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":353,"global_ts_usec":1685805765811289} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":76,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":76,"packets-processed":75,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":4060,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":72,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":72,"total-idle-flows":71,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":353,"global_ts_usec":1685805765811289} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":76,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685805765811289,"flow_src_last_pkt_time":1685805765811289,"flow_dst_last_pkt_time":1685805765811289,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685805765811289,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.145.180.58","src_port":47037,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":76,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":73,"flow_packet_id":1,"flow_src_last_pkt_time":1685805765811289,"flow_dst_last_pkt_time":1685805765811289,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685805765811289,"pkt":"bs1PogZtPJTVQTiBCABFAAB+1DEAAPIRCw+GtJCVWpG0Ore9AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":76,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685805765811289,"flow_src_last_pkt_time":1685805765811289,"flow_dst_last_pkt_time":1685805765811289,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685805765811289,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.145.180.58","src_port":47037,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -359,7 +359,7 @@ 00644{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":77,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":74,"flow_packet_id":1,"flow_src_last_pkt_time":1685806301914300,"flow_dst_last_pkt_time":1685806301914300,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685806301914300,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpSvsm2CTWm\/UMq27AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":77,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":74,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685806301914300,"flow_src_last_pkt_time":1685806301914300,"flow_dst_last_pkt_time":1685806301914300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685806301914300,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"90.111.212.50","src_port":44475,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":78,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685805765811289,"flow_src_last_pkt_time":1685805765811289,"flow_dst_last_pkt_time":1685805765811289,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685806301914300,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.145.180.58","src_port":47037,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":78,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":78,"packets-processed":77,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":4256,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":74,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":74,"total-idle-flows":73,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":362,"global_ts_usec":1685809385375373} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":78,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":78,"packets-processed":77,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":4256,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":74,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":74,"total-idle-flows":73,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":362,"global_ts_usec":1685809385375373} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":78,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":75,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685809385375373,"flow_src_last_pkt_time":1685809385375373,"flow_dst_last_pkt_time":1685809385375373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685809385375373,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"74.111.203.55","src_port":33156,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00644{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":78,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":75,"flow_packet_id":1,"flow_src_last_pkt_time":1685809385375373,"flow_dst_last_pkt_time":1685809385375373,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685809385375373,"pkt":"ipffLU2SPJTVQTiBCABFCAB+1DEAAOsREge2tHiLSm\/LN4GEAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":78,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":75,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685809385375373,"flow_src_last_pkt_time":1685809385375373,"flow_dst_last_pkt_time":1685809385375373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685809385375373,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"74.111.203.55","src_port":33156,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -368,7 +368,7 @@ 00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":79,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":76,"flow_packet_id":1,"flow_src_last_pkt_time":1685809633823277,"flow_dst_last_pkt_time":1685809633823277,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685809633823277,"pkt":"3jHC4dyOPJTVQTiBCABFCAB+1DEAAPARqCMTY5OUWo0lOL+cAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00943{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":79,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685809633823277,"flow_src_last_pkt_time":1685809633823277,"flow_dst_last_pkt_time":1685809633823277,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685809633823277,"l3_proto":"ip4","src_ip":"19.99.147.148","dst_ip":"90.141.37.56","src_port":49052,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":75,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685809385375373,"flow_src_last_pkt_time":1685809385375373,"flow_dst_last_pkt_time":1685809385375373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685809633823277,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"74.111.203.55","src_port":33156,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":80,"packets-processed":79,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":4452,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":76,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":76,"total-idle-flows":75,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":371,"global_ts_usec":1685810288436552} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":80,"packets-processed":79,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":4452,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":76,"total-detection-updates":0,"total-updates":14,"current-active-flows":1,"total-active-flows":76,"total-idle-flows":75,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":371,"global_ts_usec":1685810288436552} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685810288436552,"flow_src_last_pkt_time":1685810288436552,"flow_dst_last_pkt_time":1685810288436552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685810288436552,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"165.114.202.61","src_port":44018,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":77,"flow_packet_id":1,"flow_src_last_pkt_time":1685810288436552,"flow_dst_last_pkt_time":1685810288436552,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685810288436552,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpSkve7GapXLKPavyAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685810288436552,"flow_src_last_pkt_time":1685810288436552,"flow_dst_last_pkt_time":1685810288436552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685810288436552,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"165.114.202.61","src_port":44018,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -376,7 +376,7 @@ 00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":81,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":78,"flow_packet_id":1,"flow_src_last_pkt_time":1685810288436552,"flow_dst_last_pkt_time":1685810288436552,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685810288436552,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAOsRrBkuZGGTpZBUPpILAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":81,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":78,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685810288436552,"flow_src_last_pkt_time":1685810288436552,"flow_dst_last_pkt_time":1685810288436552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685810288436552,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"165.144.84.62","src_port":37387,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00982{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":82,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685809633823277,"flow_src_last_pkt_time":1685809633823277,"flow_dst_last_pkt_time":1685809633823277,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685810288436552,"l3_proto":"ip4","src_ip":"19.99.147.148","dst_ip":"90.141.37.56","src_port":49052,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":82,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":82,"packets-processed":81,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":4648,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":78,"total-detection-updates":0,"total-updates":14,"current-active-flows":2,"total-active-flows":78,"total-idle-flows":76,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":379,"global_ts_usec":1685812438394439} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":82,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":82,"packets-processed":81,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":4648,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":78,"total-detection-updates":0,"total-updates":14,"current-active-flows":2,"total-active-flows":78,"total-idle-flows":76,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":379,"global_ts_usec":1685812438394439} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":82,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":79,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685812438394439,"flow_src_last_pkt_time":1685812438394439,"flow_dst_last_pkt_time":1685812438394439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685812438394439,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":48737,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":82,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":79,"flow_packet_id":1,"flow_src_last_pkt_time":1685812438394439,"flow_dst_last_pkt_time":1685812438394439,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685812438394439,"pkt":"xmjqc4OdPJTVQTiBCABFCAB+1DEAAOsREgyGtJCVunDKNb5hAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":82,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":79,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685812438394439,"flow_src_last_pkt_time":1685812438394439,"flow_dst_last_pkt_time":1685812438394439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685812438394439,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":48737,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -391,7 +391,7 @@ 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":84,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":81,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685812825868185,"flow_src_last_pkt_time":1685812825868185,"flow_dst_last_pkt_time":1685812825868185,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685812825868185,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"85.111.52.57","src_port":35950,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":85,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":80,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685812605076027,"flow_src_last_pkt_time":1685812605076027,"flow_dst_last_pkt_time":1685812605076027,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685812825868185,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"69.109.187.54","src_port":57533,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":85,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":79,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685812438394439,"flow_src_last_pkt_time":1685812438394439,"flow_dst_last_pkt_time":1685812438394439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685812825868185,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":48737,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":85,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":85,"packets-processed":84,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":4942,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":81,"total-detection-updates":0,"total-updates":15,"current-active-flows":1,"total-active-flows":81,"total-idle-flows":80,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":394,"global_ts_usec":1685823608659744} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":85,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":85,"packets-processed":84,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":4942,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":81,"total-detection-updates":0,"total-updates":15,"current-active-flows":1,"total-active-flows":81,"total-idle-flows":80,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":394,"global_ts_usec":1685823608659744} 00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":85,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685823608659744,"flow_src_last_pkt_time":1685823608659744,"flow_dst_last_pkt_time":1685823608659744,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685823608659744,"l3_proto":"ip4","src_ip":"44.49.31.2","dst_ip":"90.147.171.51","src_port":51197,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":85,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":82,"flow_packet_id":1,"flow_src_last_pkt_time":1685823608659744,"flow_dst_last_pkt_time":1685823608659744,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685823608659744,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXkwsMR8CWpOrM8f9AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00941{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":85,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685823608659744,"flow_src_last_pkt_time":1685823608659744,"flow_dst_last_pkt_time":1685823608659744,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685823608659744,"l3_proto":"ip4","src_ip":"44.49.31.2","dst_ip":"90.147.171.51","src_port":51197,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -400,7 +400,7 @@ 00643{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":86,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":83,"flow_packet_id":1,"flow_src_last_pkt_time":1685824045529363,"flow_dst_last_pkt_time":1685824045529363,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685824045529363,"pkt":"bs1PogZtPJTVQTiBCABFAAB+1DEAAPIRpTATY5KcWpG0OtRrAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":86,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":83,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685824045529363,"flow_src_last_pkt_time":1685824045529363,"flow_dst_last_pkt_time":1685824045529363,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685824045529363,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"90.145.180.58","src_port":54379,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00980{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":87,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685823608659744,"flow_src_last_pkt_time":1685823608659744,"flow_dst_last_pkt_time":1685823608659744,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685824045529363,"l3_proto":"ip4","src_ip":"44.49.31.2","dst_ip":"90.147.171.51","src_port":51197,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":87,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":87,"packets-processed":86,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5069,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":83,"total-detection-updates":0,"total-updates":15,"current-active-flows":1,"total-active-flows":83,"total-idle-flows":82,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":403,"global_ts_usec":1685833753925206} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":87,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":87,"packets-processed":86,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5069,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":83,"total-detection-updates":0,"total-updates":15,"current-active-flows":1,"total-active-flows":83,"total-idle-flows":82,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":403,"global_ts_usec":1685833753925206} 00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":87,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685833753925206,"flow_src_last_pkt_time":1685833753925206,"flow_dst_last_pkt_time":1685833753925206,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685833753925206,"l3_proto":"ip4","src_ip":"174.50.7.11","dst_ip":"69.109.187.54","src_port":55450,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":87,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":84,"flow_packet_id":1,"flow_src_last_pkt_time":1685833753925206,"flow_dst_last_pkt_time":1685833753925206,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685833753925206,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPoRXlSuMgcLRW27NtiaAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00942{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":87,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685833753925206,"flow_src_last_pkt_time":1685833753925206,"flow_dst_last_pkt_time":1685833753925206,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685833753925206,"l3_proto":"ip4","src_ip":"174.50.7.11","dst_ip":"69.109.187.54","src_port":55450,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -409,28 +409,28 @@ 00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":88,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":85,"flow_packet_id":1,"flow_src_last_pkt_time":1685833820099618,"flow_dst_last_pkt_time":1685833820099618,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685833820099618,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbfk62rixWm\/UMtMrAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":88,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685833820099618,"flow_src_last_pkt_time":1685833820099618,"flow_dst_last_pkt_time":1685833820099618,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685833820099618,"l3_proto":"ip4","src_ip":"58.218.184.177","dst_ip":"90.111.212.50","src_port":54059,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":89,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685833753925206,"flow_src_last_pkt_time":1685833753925206,"flow_dst_last_pkt_time":1685833753925206,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685833820099618,"l3_proto":"ip4","src_ip":"174.50.7.11","dst_ip":"69.109.187.54","src_port":55450,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":89,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":89,"packets-processed":88,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5127,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":85,"total-detection-updates":0,"total-updates":16,"current-active-flows":2,"total-active-flows":85,"total-idle-flows":83,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":412,"global_ts_usec":1685837260196335} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":89,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":89,"packets-processed":88,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5127,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":85,"total-detection-updates":0,"total-updates":16,"current-active-flows":2,"total-active-flows":85,"total-idle-flows":83,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":412,"global_ts_usec":1685837260196335} 00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":89,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":86,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685837260196335,"flow_src_last_pkt_time":1685837260196335,"flow_dst_last_pkt_time":1685837260196335,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685837260196335,"l3_proto":"ip4","src_ip":"31.0.154.114","dst_ip":"90.145.180.58","src_port":40383,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":89,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":86,"flow_packet_id":1,"flow_src_last_pkt_time":1685837260196335,"flow_dst_last_pkt_time":1685837260196335,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685837260196335,"pkt":"bs1PogZtPJTVQTiBCABFCABLWQ0AACIRcZkfAJpyWpG0Op2\/AasAN4QBAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00943{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":89,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":86,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685837260196335,"flow_src_last_pkt_time":1685837260196335,"flow_dst_last_pkt_time":1685837260196335,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685837260196335,"l3_proto":"ip4","src_ip":"31.0.154.114","dst_ip":"90.145.180.58","src_port":40383,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":90,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685833820099618,"flow_src_last_pkt_time":1685833820099618,"flow_dst_last_pkt_time":1685833820099618,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685837260196335,"l3_proto":"ip4","src_ip":"58.218.184.177","dst_ip":"90.111.212.50","src_port":54059,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00981{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":90,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685833753925206,"flow_src_last_pkt_time":1685833753925206,"flow_dst_last_pkt_time":1685833753925206,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685837260196335,"l3_proto":"ip4","src_ip":"174.50.7.11","dst_ip":"69.109.187.54","src_port":55450,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":90,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":90,"packets-processed":89,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5174,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":86,"total-detection-updates":0,"total-updates":16,"current-active-flows":1,"total-active-flows":86,"total-idle-flows":85,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":418,"global_ts_usec":1685838786050204} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":90,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":90,"packets-processed":89,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5174,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":86,"total-detection-updates":0,"total-updates":16,"current-active-flows":1,"total-active-flows":86,"total-idle-flows":85,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":418,"global_ts_usec":1685838786050204} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":90,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685838786050204,"flow_src_last_pkt_time":1685838786050204,"flow_dst_last_pkt_time":1685838786050204,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685838786050204,"l3_proto":"ip4","src_ip":"66.228.194.219","dst_ip":"186.112.202.53","src_port":53105,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":90,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":87,"flow_packet_id":1,"flow_src_last_pkt_time":1685838786050204,"flow_dst_last_pkt_time":1685838786050204,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685838786050204,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRbcNC5MLbunDKNc9xAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":90,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685838786050204,"flow_src_last_pkt_time":1685838786050204,"flow_dst_last_pkt_time":1685838786050204,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685838786050204,"l3_proto":"ip4","src_ip":"66.228.194.219","dst_ip":"186.112.202.53","src_port":53105,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00982{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":91,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":86,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685837260196335,"flow_src_last_pkt_time":1685837260196335,"flow_dst_last_pkt_time":1685837260196335,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685838786050204,"l3_proto":"ip4","src_ip":"31.0.154.114","dst_ip":"90.145.180.58","src_port":40383,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":91,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":91,"packets-processed":90,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5203,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":87,"total-detection-updates":0,"total-updates":16,"current-active-flows":1,"total-active-flows":87,"total-idle-flows":86,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":423,"global_ts_usec":1685845591689038} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":91,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":91,"packets-processed":90,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5203,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":87,"total-detection-updates":0,"total-updates":16,"current-active-flows":1,"total-active-flows":87,"total-idle-flows":86,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":423,"global_ts_usec":1685845591689038} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":91,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685845591689038,"flow_src_last_pkt_time":1685845591689038,"flow_dst_last_pkt_time":1685845591689038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685845591689038,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"74.111.203.55","src_port":43759,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":91,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":88,"flow_packet_id":1,"flow_src_last_pkt_time":1685845591689038,"flow_dst_last_pkt_time":1685845591689038,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1685845591689038,"pkt":"ipffLU2SPJTVQTiBCABFAABSAK0AAG0RE\/VDnxCWSm\/LN6rvAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":91,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685845591689038,"flow_src_last_pkt_time":1685845591689038,"flow_dst_last_pkt_time":1685845591689038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685845591689038,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"74.111.203.55","src_port":43759,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":92,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685838786050204,"flow_src_last_pkt_time":1685838786050204,"flow_dst_last_pkt_time":1685838786050204,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685845591689038,"l3_proto":"ip4","src_ip":"66.228.194.219","dst_ip":"186.112.202.53","src_port":53105,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":92,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":92,"packets-processed":91,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5257,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":88,"total-detection-updates":0,"total-updates":16,"current-active-flows":1,"total-active-flows":88,"total-idle-flows":87,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":428,"global_ts_usec":1685846371302206} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":92,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":92,"packets-processed":91,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5257,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":88,"total-detection-updates":0,"total-updates":16,"current-active-flows":1,"total-active-flows":88,"total-idle-flows":87,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":428,"global_ts_usec":1685846371302206} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":92,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":89,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685846371302206,"flow_src_last_pkt_time":1685846371302206,"flow_dst_last_pkt_time":1685846371302206,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685846371302206,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":53596,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":92,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":89,"flow_packet_id":1,"flow_src_last_pkt_time":1685846371302206,"flow_dst_last_pkt_time":1685846371302206,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685846371302206,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLzIH5CeWm\/UMtFcAasAJRkeAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":92,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":89,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685846371302206,"flow_src_last_pkt_time":1685846371302206,"flow_dst_last_pkt_time":1685846371302206,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685846371302206,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":53596,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":93,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685845591689038,"flow_src_last_pkt_time":1685845591689038,"flow_dst_last_pkt_time":1685845591689038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685846371302206,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"74.111.203.55","src_port":43759,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":93,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":93,"packets-processed":92,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5286,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":89,"total-detection-updates":0,"total-updates":16,"current-active-flows":1,"total-active-flows":89,"total-idle-flows":88,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":433,"global_ts_usec":1685847518566522} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":93,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":93,"packets-processed":92,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5286,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":89,"total-detection-updates":0,"total-updates":16,"current-active-flows":1,"total-active-flows":89,"total-idle-flows":88,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":433,"global_ts_usec":1685847518566522} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":93,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":90,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685847518566522,"flow_src_last_pkt_time":1685847518566522,"flow_dst_last_pkt_time":1685847518566522,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685847518566522,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":47879,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":93,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":90,"flow_packet_id":1,"flow_src_last_pkt_time":1685847518566522,"flow_dst_last_pkt_time":1685847518566522,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685847518566522,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPURKLrIH5CeRW27NrsHAasAJS9xAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":93,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":90,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685847518566522,"flow_src_last_pkt_time":1685847518566522,"flow_dst_last_pkt_time":1685847518566522,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685847518566522,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":47879,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -439,7 +439,7 @@ 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":94,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":91,"flow_packet_id":1,"flow_src_last_pkt_time":1685848000557988,"flow_dst_last_pkt_time":1685848000557988,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685848000557988,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKL3IH5CeWpOrM67xAasAJTuKAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":94,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":91,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685848000557988,"flow_src_last_pkt_time":1685848000557988,"flow_dst_last_pkt_time":1685848000557988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685848000557988,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":44785,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":95,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":90,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685847518566522,"flow_src_last_pkt_time":1685847518566522,"flow_dst_last_pkt_time":1685847518566522,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685848000557988,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":47879,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":95,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":95,"packets-processed":94,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5344,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":91,"total-detection-updates":0,"total-updates":16,"current-active-flows":1,"total-active-flows":91,"total-idle-flows":90,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":442,"global_ts_usec":1685849540053899} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":95,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":95,"packets-processed":94,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5344,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":91,"total-detection-updates":0,"total-updates":16,"current-active-flows":1,"total-active-flows":91,"total-idle-flows":90,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":442,"global_ts_usec":1685849540053899} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":95,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":92,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685849540053899,"flow_src_last_pkt_time":1685849540053899,"flow_dst_last_pkt_time":1685849540053899,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685849540053899,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":51364,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":95,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":92,"flow_packet_id":1,"flow_src_last_pkt_time":1685849540053899,"flow_dst_last_pkt_time":1685849540053899,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685849540053899,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLLIH5CepZBUPsikAasAJSHMAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":95,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":92,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685849540053899,"flow_src_last_pkt_time":1685849540053899,"flow_dst_last_pkt_time":1685849540053899,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685849540053899,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":51364,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -453,7 +453,7 @@ 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":97,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685849733217189,"flow_src_last_pkt_time":1685849733217189,"flow_dst_last_pkt_time":1685849733217189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685849733217189,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":51228,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":98,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":92,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685849540053899,"flow_src_last_pkt_time":1685849540053899,"flow_dst_last_pkt_time":1685849540053899,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685849733217189,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":51364,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":98,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685849664860009,"flow_src_last_pkt_time":1685849664860009,"flow_dst_last_pkt_time":1685849664860009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685849733217189,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":41690,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":98,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":98,"packets-processed":97,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5431,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":94,"total-detection-updates":0,"total-updates":18,"current-active-flows":2,"total-active-flows":94,"total-idle-flows":92,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":456,"global_ts_usec":1685851175046998} +00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":98,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":98,"packets-processed":97,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5431,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":94,"total-detection-updates":0,"total-updates":18,"current-active-flows":2,"total-active-flows":94,"total-idle-flows":92,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":456,"global_ts_usec":1685851175046998} 00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":98,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851175046998,"flow_src_last_pkt_time":1685851175046998,"flow_dst_last_pkt_time":1685851175046998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685851175046998,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.141.37.56","src_port":59682,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":98,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":95,"flow_packet_id":1,"flow_src_last_pkt_time":1685851175046998,"flow_dst_last_pkt_time":1685851175046998,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685851175046998,"pkt":"3jHC4dyOPJTVQTiBCABFCABL904AACIR01kj\/EVxWo0lOOkiAasANzigAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00943{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":98,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851175046998,"flow_src_last_pkt_time":1685851175046998,"flow_dst_last_pkt_time":1685851175046998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685851175046998,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.141.37.56","src_port":59682,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -468,28 +468,28 @@ 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":100,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851372073022,"flow_src_last_pkt_time":1685851372073022,"flow_dst_last_pkt_time":1685851372073022,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685851372073022,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":40943,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":101,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851175046998,"flow_src_last_pkt_time":1685851175046998,"flow_dst_last_pkt_time":1685851175046998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685851372073022,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.141.37.56","src_port":59682,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":101,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851293085114,"flow_src_last_pkt_time":1685851293085114,"flow_dst_last_pkt_time":1685851293085114,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685851372073022,"l3_proto":"ip4","src_ip":"208.209.71.22","dst_ip":"85.111.52.57","src_port":55733,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00847{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":101,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":101,"packets-processed":100,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5536,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":97,"total-detection-updates":0,"total-updates":20,"current-active-flows":2,"total-active-flows":97,"total-idle-flows":95,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":471,"global_ts_usec":1685852052162325} +00847{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":101,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":101,"packets-processed":100,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5536,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":97,"total-detection-updates":0,"total-updates":20,"current-active-flows":2,"total-active-flows":97,"total-idle-flows":95,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":471,"global_ts_usec":1685852052162325} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":101,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685852052162325,"flow_src_last_pkt_time":1685852052162325,"flow_dst_last_pkt_time":1685852052162325,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685852052162325,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":33048,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":101,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":98,"flow_packet_id":1,"flow_src_last_pkt_time":1685852052162325,"flow_dst_last_pkt_time":1685852052162325,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685852052162325,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPURKLTIH5CeWpG0OoEYAasAJWlaAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":101,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685852052162325,"flow_src_last_pkt_time":1685852052162325,"flow_dst_last_pkt_time":1685852052162325,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685852052162325,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":33048,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":102,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851293085114,"flow_src_last_pkt_time":1685851293085114,"flow_dst_last_pkt_time":1685851293085114,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685852052162325,"l3_proto":"ip4","src_ip":"208.209.71.22","dst_ip":"85.111.52.57","src_port":55733,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":102,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685851372073022,"flow_src_last_pkt_time":1685851372073022,"flow_dst_last_pkt_time":1685851372073022,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685852052162325,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":40943,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00847{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":102,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":102,"packets-processed":101,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5565,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":98,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":98,"total-idle-flows":97,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":477,"global_ts_usec":1685860258822121} +00847{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":102,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":102,"packets-processed":101,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5565,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":98,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":98,"total-idle-flows":97,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":477,"global_ts_usec":1685860258822121} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":102,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":99,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685860258822121,"flow_src_last_pkt_time":1685860258822121,"flow_dst_last_pkt_time":1685860258822121,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685860258822121,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"186.112.202.53","src_port":47964,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00644{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":102,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":99,"flow_packet_id":1,"flow_src_last_pkt_time":1685860258822121,"flow_dst_last_pkt_time":1685860258822121,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685860258822121,"pkt":"xmjqc4OdPJTVQTiBCABFCAB+1DEAAO0RqigTnLybunDKNbtcAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":102,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":99,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685860258822121,"flow_src_last_pkt_time":1685860258822121,"flow_dst_last_pkt_time":1685860258822121,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685860258822121,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"186.112.202.53","src_port":47964,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":103,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685852052162325,"flow_src_last_pkt_time":1685852052162325,"flow_dst_last_pkt_time":1685852052162325,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685860258822121,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":33048,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00847{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":103,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":103,"packets-processed":102,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5663,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":99,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":99,"total-idle-flows":98,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":482,"global_ts_usec":1685863658998957} +00847{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":103,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":103,"packets-processed":102,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5663,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":99,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":99,"total-idle-flows":98,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":482,"global_ts_usec":1685863658998957} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":103,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":100,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685863658998957,"flow_src_last_pkt_time":1685863658998957,"flow_dst_last_pkt_time":1685863658998957,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685863658998957,"l3_proto":"ip4","src_ip":"210.12.216.151","dst_ip":"90.145.180.58","src_port":54477,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":103,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":100,"flow_packet_id":1,"flow_src_last_pkt_time":1685863658998957,"flow_dst_last_pkt_time":1685863658998957,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685863658998957,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPkRYDnSDNiXWpG0OtTNAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":103,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":100,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685863658998957,"flow_src_last_pkt_time":1685863658998957,"flow_dst_last_pkt_time":1685863658998957,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685863658998957,"l3_proto":"ip4","src_ip":"210.12.216.151","dst_ip":"90.145.180.58","src_port":54477,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":104,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":99,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685860258822121,"flow_src_last_pkt_time":1685860258822121,"flow_dst_last_pkt_time":1685860258822121,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685863658998957,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"186.112.202.53","src_port":47964,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00849{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":104,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":104,"packets-processed":103,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5692,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":100,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":100,"total-idle-flows":99,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":487,"global_ts_usec":1685866496459415} +00849{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":104,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":104,"packets-processed":103,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5692,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":100,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":100,"total-idle-flows":99,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":487,"global_ts_usec":1685866496459415} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":104,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685866496459415,"flow_src_last_pkt_time":1685866496459415,"flow_dst_last_pkt_time":1685866496459415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685866496459415,"l3_proto":"ip4","src_ip":"70.28.101.252","dst_ip":"90.141.37.56","src_port":52969,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":104,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":101,"flow_packet_id":1,"flow_src_last_pkt_time":1685866496459415,"flow_dst_last_pkt_time":1685866496459415,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685866496459415,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPoRbM9GHGX8Wo0lOM7pAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":104,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685866496459415,"flow_src_last_pkt_time":1685866496459415,"flow_dst_last_pkt_time":1685866496459415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685866496459415,"l3_proto":"ip4","src_ip":"70.28.101.252","dst_ip":"90.141.37.56","src_port":52969,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":105,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":100,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685863658998957,"flow_src_last_pkt_time":1685863658998957,"flow_dst_last_pkt_time":1685863658998957,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685866496459415,"l3_proto":"ip4","src_ip":"210.12.216.151","dst_ip":"90.145.180.58","src_port":54477,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":105,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":105,"packets-processed":104,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5721,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":101,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":101,"total-idle-flows":100,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":492,"global_ts_usec":1685868922612761} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":105,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":105,"packets-processed":104,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5721,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":101,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":101,"total-idle-flows":100,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":492,"global_ts_usec":1685868922612761} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":105,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685868922612761,"flow_src_last_pkt_time":1685868922612761,"flow_dst_last_pkt_time":1685868922612761,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685868922612761,"l3_proto":"ip4","src_ip":"57.3.49.213","dst_ip":"74.111.203.55","src_port":25820,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":105,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":102,"flow_packet_id":1,"flow_src_last_pkt_time":1685868922612761,"flow_dst_last_pkt_time":1685868922612761,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685868922612761,"pkt":"ipffLU2SPJTVQTiBCABFAAA+wDFAADQRPtU5AzHVSm\/LN2TcAasAKsLmAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":105,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685868922612761,"flow_src_last_pkt_time":1685868922612761,"flow_dst_last_pkt_time":1685868922612761,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685868922612761,"l3_proto":"ip4","src_ip":"57.3.49.213","dst_ip":"74.111.203.55","src_port":25820,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -498,7 +498,7 @@ 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":106,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":103,"flow_packet_id":1,"flow_src_last_pkt_time":1685869117973932,"flow_dst_last_pkt_time":1685869117973932,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685869117973932,"pkt":"bpHurUgdPJTVQTiBCABFAAA+ZfVAADQRmRxGwcb6RW27NnFTAasAKrZ6AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":106,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":103,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685869117973932,"flow_src_last_pkt_time":1685869117973932,"flow_dst_last_pkt_time":1685869117973932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685869117973932,"l3_proto":"ip4","src_ip":"70.193.198.250","dst_ip":"69.109.187.54","src_port":29011,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":107,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685868922612761,"flow_src_last_pkt_time":1685868922612761,"flow_dst_last_pkt_time":1685868922612761,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685869117973932,"l3_proto":"ip4","src_ip":"57.3.49.213","dst_ip":"74.111.203.55","src_port":25820,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":107,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":107,"packets-processed":106,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5789,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":103,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":103,"total-idle-flows":102,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":501,"global_ts_usec":1685869695331980} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":107,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":107,"packets-processed":106,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5789,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":103,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":103,"total-idle-flows":102,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":501,"global_ts_usec":1685869695331980} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":107,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685869695331980,"flow_src_last_pkt_time":1685869695331980,"flow_dst_last_pkt_time":1685869695331980,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685869695331980,"l3_proto":"ip4","src_ip":"87.0.217.242","dst_ip":"85.111.52.57","src_port":54220,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":107,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":104,"flow_packet_id":1,"flow_src_last_pkt_time":1685869695331980,"flow_dst_last_pkt_time":1685869695331980,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685869695331980,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+88RAADQRC1FXANnyVW80OdPMAasAKlQFAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":107,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685869695331980,"flow_src_last_pkt_time":1685869695331980,"flow_dst_last_pkt_time":1685869695331980,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685869695331980,"l3_proto":"ip4","src_ip":"87.0.217.242","dst_ip":"85.111.52.57","src_port":54220,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -507,7 +507,7 @@ 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":108,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":105,"flow_packet_id":1,"flow_src_last_pkt_time":1685870241871015,"flow_dst_last_pkt_time":1685870241871015,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685870241871015,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+NXBAADQRyYU2+8bepZBUPqAmAasAKoeLAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00951{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":108,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":105,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870241871015,"flow_src_last_pkt_time":1685870241871015,"flow_dst_last_pkt_time":1685870241871015,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870241871015,"l3_proto":"ip4","src_ip":"54.251.198.222","dst_ip":"165.144.84.62","src_port":40998,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":109,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685869695331980,"flow_src_last_pkt_time":1685869695331980,"flow_dst_last_pkt_time":1685869695331980,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870241871015,"l3_proto":"ip4","src_ip":"87.0.217.242","dst_ip":"85.111.52.57","src_port":54220,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":109,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":109,"packets-processed":108,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5857,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":105,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":105,"total-idle-flows":104,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":510,"global_ts_usec":1685870479493725} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":109,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":109,"packets-processed":108,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":5857,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":105,"total-detection-updates":0,"total-updates":20,"current-active-flows":1,"total-active-flows":105,"total-idle-flows":104,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":510,"global_ts_usec":1685870479493725} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":109,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":106,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870479493725,"flow_src_last_pkt_time":1685870479493725,"flow_dst_last_pkt_time":1685870479493725,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870479493725,"l3_proto":"ip4","src_ip":"87.39.57.211","dst_ip":"90.141.37.56","src_port":42486,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":109,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":106,"flow_packet_id":1,"flow_src_last_pkt_time":1685870479493725,"flow_dst_last_pkt_time":1685870479493725,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685870479493725,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+4zlAADQRG81XJznTWo0lOKX2AasAKoHMAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":109,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":106,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870479493725,"flow_src_last_pkt_time":1685870479493725,"flow_dst_last_pkt_time":1685870479493725,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685870479493725,"l3_proto":"ip4","src_ip":"87.39.57.211","dst_ip":"90.141.37.56","src_port":42486,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -530,7 +530,7 @@ 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":113,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":110,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685871075034933,"flow_src_last_pkt_time":1685871075034933,"flow_dst_last_pkt_time":1685871075034933,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871075034933,"l3_proto":"ip4","src_ip":"168.222.38.193","dst_ip":"186.112.202.53","src_port":38055,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":114,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870800640514,"flow_src_last_pkt_time":1685870800640514,"flow_dst_last_pkt_time":1685870800640514,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871075034933,"l3_proto":"ip4","src_ip":"173.241.63.36","dst_ip":"74.111.203.55","src_port":56717,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":114,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870915573371,"flow_src_last_pkt_time":1685870915573371,"flow_dst_last_pkt_time":1685870915573371,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871075034933,"l3_proto":"ip4","src_ip":"167.57.49.219","dst_ip":"90.111.212.50","src_port":49798,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":114,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":114,"packets-processed":113,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6022,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":110,"total-detection-updates":0,"total-updates":23,"current-active-flows":2,"total-active-flows":110,"total-idle-flows":108,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":533,"global_ts_usec":1685871093262888} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":114,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":114,"packets-processed":113,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6022,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":110,"total-detection-updates":0,"total-updates":23,"current-active-flows":2,"total-active-flows":110,"total-idle-flows":108,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":533,"global_ts_usec":1685871093262888} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":114,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685871093262888,"flow_src_last_pkt_time":1685871093262888,"flow_dst_last_pkt_time":1685871093262888,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871093262888,"l3_proto":"ip4","src_ip":"46.204.255.75","dst_ip":"165.144.84.62","src_port":55098,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":114,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":111,"flow_packet_id":1,"flow_src_last_pkt_time":1685871093262888,"flow_dst_last_pkt_time":1685871093262888,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685871093262888,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXosuzP9LpZBUPtc6AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":114,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685871093262888,"flow_src_last_pkt_time":1685871093262888,"flow_dst_last_pkt_time":1685871093262888,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871093262888,"l3_proto":"ip4","src_ip":"46.204.255.75","dst_ip":"165.144.84.62","src_port":55098,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -540,7 +540,7 @@ 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":116,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685870915573371,"flow_src_last_pkt_time":1685870915573371,"flow_dst_last_pkt_time":1685870915573371,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871237861116,"l3_proto":"ip4","src_ip":"167.57.49.219","dst_ip":"90.111.212.50","src_port":49798,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":116,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685871093262888,"flow_src_last_pkt_time":1685871093262888,"flow_dst_last_pkt_time":1685871093262888,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871237861116,"l3_proto":"ip4","src_ip":"46.204.255.75","dst_ip":"165.144.84.62","src_port":55098,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00989{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":116,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":110,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685871075034933,"flow_src_last_pkt_time":1685871075034933,"flow_dst_last_pkt_time":1685871075034933,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685871237861116,"l3_proto":"ip4","src_ip":"168.222.38.193","dst_ip":"186.112.202.53","src_port":38055,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":116,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":116,"packets-processed":115,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6085,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":112,"total-detection-updates":0,"total-updates":25,"current-active-flows":3,"total-active-flows":112,"total-idle-flows":109,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":543,"global_ts_usec":1685872555023942} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":116,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":116,"packets-processed":115,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6085,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":112,"total-detection-updates":0,"total-updates":25,"current-active-flows":3,"total-active-flows":112,"total-idle-flows":109,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":543,"global_ts_usec":1685872555023942} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":116,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685872555023942,"flow_src_last_pkt_time":1685872555023942,"flow_dst_last_pkt_time":1685872555023942,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685872555023942,"l3_proto":"ip4","src_ip":"167.57.49.219","dst_ip":"165.114.202.61","src_port":62479,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":116,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":113,"flow_packet_id":1,"flow_src_last_pkt_time":1685872555023942,"flow_dst_last_pkt_time":1685872555023942,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685872555023942,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+aWdAADQRlZGnOTHbpXLKPfQPAasAKjOlAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":116,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685872555023942,"flow_src_last_pkt_time":1685872555023942,"flow_dst_last_pkt_time":1685872555023942,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685872555023942,"l3_proto":"ip4","src_ip":"167.57.49.219","dst_ip":"165.114.202.61","src_port":62479,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -551,27 +551,27 @@ 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":117,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":114,"flow_packet_id":1,"flow_src_last_pkt_time":1685872858284372,"flow_dst_last_pkt_time":1685872858284372,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685872858284372,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXklTDuAOpXLKPdm1AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":117,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685872858284372,"flow_src_last_pkt_time":1685872858284372,"flow_dst_last_pkt_time":1685872858284372,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685872858284372,"l3_proto":"ip4","src_ip":"83.14.224.14","dst_ip":"165.114.202.61","src_port":55733,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":118,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685872555023942,"flow_src_last_pkt_time":1685872555023942,"flow_dst_last_pkt_time":1685872555023942,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685872858284372,"l3_proto":"ip4","src_ip":"167.57.49.219","dst_ip":"165.114.202.61","src_port":62479,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":118,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":118,"packets-processed":117,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6148,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":114,"total-detection-updates":0,"total-updates":25,"current-active-flows":1,"total-active-flows":114,"total-idle-flows":113,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":554,"global_ts_usec":1685882198118291} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":118,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":118,"packets-processed":117,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6148,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":114,"total-detection-updates":0,"total-updates":25,"current-active-flows":1,"total-active-flows":114,"total-idle-flows":113,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":554,"global_ts_usec":1685882198118291} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":118,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685882198118291,"flow_src_last_pkt_time":1685882198118291,"flow_dst_last_pkt_time":1685882198118291,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685882198118291,"l3_proto":"ip4","src_ip":"159.60.180.118","dst_ip":"69.109.187.54","src_port":43688,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":118,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":115,"flow_packet_id":1,"flow_src_last_pkt_time":1685882198118291,"flow_dst_last_pkt_time":1685882198118291,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685882198118291,"pkt":"bpHurUgdPJTVQTiBCABFCABLT4kAACIReyefPLR2RW27NqqoAasAN3ciAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":118,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685882198118291,"flow_src_last_pkt_time":1685882198118291,"flow_dst_last_pkt_time":1685882198118291,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685882198118291,"l3_proto":"ip4","src_ip":"159.60.180.118","dst_ip":"69.109.187.54","src_port":43688,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685872858284372,"flow_src_last_pkt_time":1685872858284372,"flow_dst_last_pkt_time":1685872858284372,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685882198118291,"l3_proto":"ip4","src_ip":"83.14.224.14","dst_ip":"165.114.202.61","src_port":55733,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":119,"packets-processed":118,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6195,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":115,"total-detection-updates":0,"total-updates":25,"current-active-flows":1,"total-active-flows":115,"total-idle-flows":114,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":559,"global_ts_usec":1685890136540249} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":119,"packets-processed":118,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6195,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":115,"total-detection-updates":0,"total-updates":25,"current-active-flows":1,"total-active-flows":115,"total-idle-flows":114,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":559,"global_ts_usec":1685890136540249} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685890136540249,"flow_src_last_pkt_time":1685890136540249,"flow_dst_last_pkt_time":1685890136540249,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685890136540249,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.147.171.51","src_port":38375,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":116,"flow_packet_id":1,"flow_src_last_pkt_time":1685890136540249,"flow_dst_last_pkt_time":1685890136540249,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685890136540249,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAOsREhCGtJCVWpOrM5XnAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685890136540249,"flow_src_last_pkt_time":1685890136540249,"flow_dst_last_pkt_time":1685890136540249,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685890136540249,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.147.171.51","src_port":38375,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":120,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685882198118291,"flow_src_last_pkt_time":1685882198118291,"flow_dst_last_pkt_time":1685882198118291,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685890136540249,"l3_proto":"ip4","src_ip":"159.60.180.118","dst_ip":"69.109.187.54","src_port":43688,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":120,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":120,"packets-processed":119,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6293,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":116,"total-detection-updates":0,"total-updates":25,"current-active-flows":1,"total-active-flows":116,"total-idle-flows":115,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":564,"global_ts_usec":1685893050953648} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":120,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":120,"packets-processed":119,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6293,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":116,"total-detection-updates":0,"total-updates":25,"current-active-flows":1,"total-active-flows":116,"total-idle-flows":115,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":564,"global_ts_usec":1685893050953648} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":120,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685893050953648,"flow_src_last_pkt_time":1685893050953648,"flow_dst_last_pkt_time":1685893050953648,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685893050953648,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.141.37.56","src_port":52853,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":120,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":117,"flow_packet_id":1,"flow_src_last_pkt_time":1685893050953648,"flow_dst_last_pkt_time":1685893050953648,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685893050953648,"pkt":"3jHC4dyOPJTVQTiBCABFCAB+1DEAAOsREgqGtJCVWo0lOM51AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":120,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685893050953648,"flow_src_last_pkt_time":1685893050953648,"flow_dst_last_pkt_time":1685893050953648,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685893050953648,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.141.37.56","src_port":52853,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":121,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685890136540249,"flow_src_last_pkt_time":1685890136540249,"flow_dst_last_pkt_time":1685890136540249,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685893050953648,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.147.171.51","src_port":38375,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":121,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":121,"packets-processed":120,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6391,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":117,"total-detection-updates":0,"total-updates":25,"current-active-flows":1,"total-active-flows":117,"total-idle-flows":116,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":569,"global_ts_usec":1685894881323596} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":121,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":121,"packets-processed":120,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6391,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":117,"total-detection-updates":0,"total-updates":25,"current-active-flows":1,"total-active-flows":117,"total-idle-flows":116,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":569,"global_ts_usec":1685894881323596} 00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":121,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685894881323596,"flow_src_last_pkt_time":1685894881323596,"flow_dst_last_pkt_time":1685894881323596,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685894881323596,"l3_proto":"ip4","src_ip":"239.100.141.153","dst_ip":"165.114.202.61","src_port":53222,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":121,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":118,"flow_packet_id":1,"flow_src_last_pkt_time":1685894881323596,"flow_dst_last_pkt_time":1685894881323596,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685894881323596,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpSrvZI2ZpXLKPc\/mAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00949{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":121,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685894881323596,"flow_src_last_pkt_time":1685894881323596,"flow_dst_last_pkt_time":1685894881323596,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685894881323596,"l3_proto":"ip4","src_ip":"239.100.141.153","dst_ip":"165.114.202.61","src_port":53222,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":122,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685893050953648,"flow_src_last_pkt_time":1685893050953648,"flow_dst_last_pkt_time":1685893050953648,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685894881323596,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.141.37.56","src_port":52853,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":122,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":122,"packets-processed":121,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6489,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":118,"total-detection-updates":0,"total-updates":25,"current-active-flows":1,"total-active-flows":118,"total-idle-flows":117,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":574,"global_ts_usec":1685895935303589} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":122,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":122,"packets-processed":121,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6489,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":118,"total-detection-updates":0,"total-updates":25,"current-active-flows":1,"total-active-flows":118,"total-idle-flows":117,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":574,"global_ts_usec":1685895935303589} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":122,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685895935303589,"flow_src_last_pkt_time":1685895935303589,"flow_dst_last_pkt_time":1685895935303589,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685895935303589,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"90.111.212.50","src_port":34238,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":122,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":119,"flow_packet_id":1,"flow_src_last_pkt_time":1685895935303589,"flow_dst_last_pkt_time":1685895935303589,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685895935303589,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAO0RqiQtY5KSWm\/UMoW+AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":122,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685895935303589,"flow_src_last_pkt_time":1685895935303589,"flow_dst_last_pkt_time":1685895935303589,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685895935303589,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"90.111.212.50","src_port":34238,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -580,13 +580,13 @@ 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":123,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":120,"flow_packet_id":1,"flow_src_last_pkt_time":1685896082620616,"flow_dst_last_pkt_time":1685896082620616,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685896082620616,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAO0RD\/62tHiLpZBUPuqLAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":123,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":120,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685896082620616,"flow_src_last_pkt_time":1685896082620616,"flow_dst_last_pkt_time":1685896082620616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685896082620616,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.144.84.62","src_port":60043,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":124,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685895935303589,"flow_src_last_pkt_time":1685895935303589,"flow_dst_last_pkt_time":1685895935303589,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685896082620616,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"90.111.212.50","src_port":34238,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":124,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":124,"packets-processed":123,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6685,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":120,"total-detection-updates":0,"total-updates":26,"current-active-flows":2,"total-active-flows":120,"total-idle-flows":118,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":583,"global_ts_usec":1685898155508793} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":124,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":124,"packets-processed":123,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6685,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":120,"total-detection-updates":0,"total-updates":26,"current-active-flows":2,"total-active-flows":120,"total-idle-flows":118,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":583,"global_ts_usec":1685898155508793} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":124,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685898155508793,"flow_src_last_pkt_time":1685898155508793,"flow_dst_last_pkt_time":1685898155508793,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685898155508793,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"74.111.203.55","src_port":55816,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":124,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":121,"flow_packet_id":1,"flow_src_last_pkt_time":1685898155508793,"flow_dst_last_pkt_time":1685898155508793,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685898155508793,"pkt":"ipffLU2SPJTVQTiBCABFCAB+1DEAAO0RqiIuZGGTSm\/LN9oIAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":124,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685898155508793,"flow_src_last_pkt_time":1685898155508793,"flow_dst_last_pkt_time":1685898155508793,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685898155508793,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"74.111.203.55","src_port":55816,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":125,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":120,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685896082620616,"flow_src_last_pkt_time":1685896082620616,"flow_dst_last_pkt_time":1685896082620616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685898155508793,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.144.84.62","src_port":60043,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":125,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685895935303589,"flow_src_last_pkt_time":1685895935303589,"flow_dst_last_pkt_time":1685895935303589,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685898155508793,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"90.111.212.50","src_port":34238,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":125,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":125,"packets-processed":124,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6783,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":121,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":121,"total-idle-flows":120,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":589,"global_ts_usec":1685900239002858} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":125,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":125,"packets-processed":124,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":6783,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":121,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":121,"total-idle-flows":120,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":589,"global_ts_usec":1685900239002858} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":125,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685900239002858,"flow_src_last_pkt_time":1685900239002858,"flow_dst_last_pkt_time":1685900239002858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685900239002858,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"69.109.187.54","src_port":47805,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":125,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":122,"flow_packet_id":1,"flow_src_last_pkt_time":1685900239002858,"flow_dst_last_pkt_time":1685900239002858,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685900239002858,"pkt":"bpHurUgdPJTVQTiBCABFAAB+1DEAAPMRpTIve7GaRW27Nrq9AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00949{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":125,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685900239002858,"flow_src_last_pkt_time":1685900239002858,"flow_dst_last_pkt_time":1685900239002858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685900239002858,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"69.109.187.54","src_port":47805,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -599,7 +599,7 @@ 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":127,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":124,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685900456106642,"flow_src_last_pkt_time":1685900456106642,"flow_dst_last_pkt_time":1685900456106642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685900456106642,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"186.112.202.53","src_port":39226,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":128,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":123,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685900274127763,"flow_src_last_pkt_time":1685900274127763,"flow_dst_last_pkt_time":1685900274127763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685900456106642,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.145.180.58","src_port":51113,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":128,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685900239002858,"flow_src_last_pkt_time":1685900239002858,"flow_dst_last_pkt_time":1685900239002858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685900456106642,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"69.109.187.54","src_port":47805,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":128,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":128,"packets-processed":127,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7077,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":124,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":124,"total-idle-flows":123,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":602,"global_ts_usec":1685915408138503} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":128,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":128,"packets-processed":127,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7077,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":124,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":124,"total-idle-flows":123,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":602,"global_ts_usec":1685915408138503} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":128,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685915408138503,"flow_src_last_pkt_time":1685915408138503,"flow_dst_last_pkt_time":1685915408138503,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685915408138503,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":9681,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":128,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":125,"flow_packet_id":1,"flow_src_last_pkt_time":1685915408138503,"flow_dst_last_pkt_time":1685915408138503,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685915408138503,"pkt":"AAwp30Y4PJTVQTiBCABFCABLkhwAACIROIkjAGRzpZBUPiXRAasAN\/vuAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":128,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685915408138503,"flow_src_last_pkt_time":1685915408138503,"flow_dst_last_pkt_time":1685915408138503,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685915408138503,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":9681,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -608,32 +608,32 @@ 00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":129,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":126,"flow_packet_id":1,"flow_src_last_pkt_time":1685915597923295,"flow_dst_last_pkt_time":1685915597923295,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685915597923295,"pkt":"ipffLU2SPJTVQTiBCABFAABLM0cAACcRn97invx\/Sm\/LN2ATAasAN88kAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":129,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685915597923295,"flow_src_last_pkt_time":1685915597923295,"flow_dst_last_pkt_time":1685915597923295,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685915597923295,"l3_proto":"ip4","src_ip":"226.158.252.127","dst_ip":"74.111.203.55","src_port":24595,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":130,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685915408138503,"flow_src_last_pkt_time":1685915408138503,"flow_dst_last_pkt_time":1685915408138503,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685915597923295,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":9681,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":130,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":130,"packets-processed":129,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7171,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":126,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":126,"total-idle-flows":125,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":611,"global_ts_usec":1685918860009356} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":130,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":130,"packets-processed":129,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7171,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":126,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":126,"total-idle-flows":125,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":611,"global_ts_usec":1685918860009356} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":130,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":127,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685918860009356,"flow_src_last_pkt_time":1685918860009356,"flow_dst_last_pkt_time":1685918860009356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685918860009356,"l3_proto":"ip4","src_ip":"66.24.225.77","dst_ip":"74.111.203.55","src_port":56086,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":130,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":127,"flow_packet_id":1,"flow_src_last_pkt_time":1685918860009356,"flow_dst_last_pkt_time":1685918860009356,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685918860009356,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPkRbX1CGOFNSm\/LN9sWAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":130,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":127,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685918860009356,"flow_src_last_pkt_time":1685918860009356,"flow_dst_last_pkt_time":1685918860009356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685918860009356,"l3_proto":"ip4","src_ip":"66.24.225.77","dst_ip":"74.111.203.55","src_port":56086,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":131,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685915597923295,"flow_src_last_pkt_time":1685915597923295,"flow_dst_last_pkt_time":1685915597923295,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685918860009356,"l3_proto":"ip4","src_ip":"226.158.252.127","dst_ip":"74.111.203.55","src_port":24595,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":131,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":131,"packets-processed":130,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7200,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":127,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":127,"total-idle-flows":126,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":616,"global_ts_usec":1685919707980290} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":131,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":131,"packets-processed":130,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7200,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":127,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":127,"total-idle-flows":126,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":616,"global_ts_usec":1685919707980290} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":131,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685919707980290,"flow_src_last_pkt_time":1685919707980290,"flow_dst_last_pkt_time":1685919707980290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685919707980290,"l3_proto":"ip4","src_ip":"83.14.224.14","dst_ip":"90.145.180.58","src_port":49307,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":131,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":128,"flow_packet_id":1,"flow_src_last_pkt_time":1685919707980290,"flow_dst_last_pkt_time":1685919707980290,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685919707980290,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPkRX0xTDuAOWpG0OsCbAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":131,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685919707980290,"flow_src_last_pkt_time":1685919707980290,"flow_dst_last_pkt_time":1685919707980290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685919707980290,"l3_proto":"ip4","src_ip":"83.14.224.14","dst_ip":"90.145.180.58","src_port":49307,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":132,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":127,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685918860009356,"flow_src_last_pkt_time":1685918860009356,"flow_dst_last_pkt_time":1685918860009356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685919707980290,"l3_proto":"ip4","src_ip":"66.24.225.77","dst_ip":"74.111.203.55","src_port":56086,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":132,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":132,"packets-processed":131,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7229,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":128,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":128,"total-idle-flows":127,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":621,"global_ts_usec":1685923909350319} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":132,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":132,"packets-processed":131,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7229,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":128,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":128,"total-idle-flows":127,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":621,"global_ts_usec":1685923909350319} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":132,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685923909350319,"flow_src_last_pkt_time":1685923909350319,"flow_dst_last_pkt_time":1685923909350319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685923909350319,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.141.37.56","src_port":44099,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":132,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":129,"flow_packet_id":1,"flow_src_last_pkt_time":1685923909350319,"flow_dst_last_pkt_time":1685923909350319,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685923909350319,"pkt":"3jHC4dyOPJTVQTiBCABFAABLfvwAACcRVCBiZ\/1zWo0lOKxDAasAN4LrAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":132,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685923909350319,"flow_src_last_pkt_time":1685923909350319,"flow_dst_last_pkt_time":1685923909350319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685923909350319,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.141.37.56","src_port":44099,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":133,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685919707980290,"flow_src_last_pkt_time":1685919707980290,"flow_dst_last_pkt_time":1685919707980290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685923909350319,"l3_proto":"ip4","src_ip":"83.14.224.14","dst_ip":"90.145.180.58","src_port":49307,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":133,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":133,"packets-processed":132,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7276,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":129,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":129,"total-idle-flows":128,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":626,"global_ts_usec":1685927801125774} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":133,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":133,"packets-processed":132,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7276,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":129,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":129,"total-idle-flows":128,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":626,"global_ts_usec":1685927801125774} 00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":133,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685927801125774,"flow_src_last_pkt_time":1685927801125774,"flow_dst_last_pkt_time":1685927801125774,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685927801125774,"l3_proto":"ip4","src_ip":"226.128.122.118","dst_ip":"165.114.202.61","src_port":29946,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":133,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":130,"flow_packet_id":1,"flow_src_last_pkt_time":1685927801125774,"flow_dst_last_pkt_time":1685927801125774,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685927801125774,"pkt":"AAwp30Y4PJTVQTiBCABFAABLN1kAACcRm8DigHp2pXLKPXT6AasAN7oxAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00949{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":133,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685927801125774,"flow_src_last_pkt_time":1685927801125774,"flow_dst_last_pkt_time":1685927801125774,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685927801125774,"l3_proto":"ip4","src_ip":"226.128.122.118","dst_ip":"165.114.202.61","src_port":29946,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":134,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685923909350319,"flow_src_last_pkt_time":1685923909350319,"flow_dst_last_pkt_time":1685923909350319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685927801125774,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.141.37.56","src_port":44099,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":134,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":134,"packets-processed":133,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7323,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":130,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":130,"total-idle-flows":129,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":631,"global_ts_usec":1685929607649688} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":134,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":134,"packets-processed":133,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7323,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":130,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":130,"total-idle-flows":129,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":631,"global_ts_usec":1685929607649688} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":134,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685929607649688,"flow_src_last_pkt_time":1685929607649688,"flow_dst_last_pkt_time":1685929607649688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685929607649688,"l3_proto":"ip4","src_ip":"64.63.219.226","dst_ip":"90.147.171.51","src_port":57092,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":134,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":131,"flow_packet_id":1,"flow_src_last_pkt_time":1685929607649688,"flow_dst_last_pkt_time":1685929607649688,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685929607649688,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+dqxAADQRKhJAP9viWpOrM98EAasAKup1AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":134,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685929607649688,"flow_src_last_pkt_time":1685929607649688,"flow_dst_last_pkt_time":1685929607649688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685929607649688,"l3_proto":"ip4","src_ip":"64.63.219.226","dst_ip":"90.147.171.51","src_port":57092,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":135,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685927801125774,"flow_src_last_pkt_time":1685927801125774,"flow_dst_last_pkt_time":1685927801125774,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685929607649688,"l3_proto":"ip4","src_ip":"226.128.122.118","dst_ip":"165.114.202.61","src_port":29946,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":135,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":135,"packets-processed":134,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7357,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":131,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":131,"total-idle-flows":130,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":636,"global_ts_usec":1685930408325419} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":135,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":135,"packets-processed":134,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7357,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":131,"total-detection-updates":0,"total-updates":26,"current-active-flows":1,"total-active-flows":131,"total-idle-flows":130,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":636,"global_ts_usec":1685930408325419} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":135,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685930408325419,"flow_src_last_pkt_time":1685930408325419,"flow_dst_last_pkt_time":1685930408325419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685930408325419,"l3_proto":"ip4","src_ip":"160.184.203.250","dst_ip":"74.111.203.55","src_port":41825,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":135,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":132,"flow_packet_id":1,"flow_src_last_pkt_time":1685930408325419,"flow_dst_last_pkt_time":1685930408325419,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685930408325419,"pkt":"ipffLU2SPJTVQTiBCABFAAA+RodAADQRWiiguMv6Sm\/LN6NhAasAKiYKAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":135,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685930408325419,"flow_src_last_pkt_time":1685930408325419,"flow_dst_last_pkt_time":1685930408325419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685930408325419,"l3_proto":"ip4","src_ip":"160.184.203.250","dst_ip":"74.111.203.55","src_port":41825,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -642,7 +642,7 @@ 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":136,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":133,"flow_packet_id":1,"flow_src_last_pkt_time":1685930521950503,"flow_dst_last_pkt_time":1685930521950503,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685930521950503,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+FB1AADQRjJVAP9vipXLKPd8EAasAKuppAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":136,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685930521950503,"flow_src_last_pkt_time":1685930521950503,"flow_dst_last_pkt_time":1685930521950503,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685930521950503,"l3_proto":"ip4","src_ip":"64.63.219.226","dst_ip":"165.114.202.61","src_port":57092,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00989{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":137,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685930408325419,"flow_src_last_pkt_time":1685930408325419,"flow_dst_last_pkt_time":1685930408325419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685930521950503,"l3_proto":"ip4","src_ip":"160.184.203.250","dst_ip":"74.111.203.55","src_port":41825,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":137,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":137,"packets-processed":136,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7425,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":133,"total-detection-updates":0,"total-updates":27,"current-active-flows":2,"total-active-flows":133,"total-idle-flows":131,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":645,"global_ts_usec":1685931213042208} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":137,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":137,"packets-processed":136,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7425,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":133,"total-detection-updates":0,"total-updates":27,"current-active-flows":2,"total-active-flows":133,"total-idle-flows":131,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":645,"global_ts_usec":1685931213042208} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":137,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931213042208,"flow_src_last_pkt_time":1685931213042208,"flow_dst_last_pkt_time":1685931213042208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931213042208,"l3_proto":"ip4","src_ip":"64.71.218.224","dst_ip":"85.111.52.57","src_port":20366,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":137,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":134,"flow_packet_id":1,"flow_src_last_pkt_time":1685931213042208,"flow_dst_last_pkt_time":1685931213042208,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685931213042208,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+edhAADQRJt1AR9rgVW80OU+OAasAKnnjAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":137,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931213042208,"flow_src_last_pkt_time":1685931213042208,"flow_dst_last_pkt_time":1685931213042208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931213042208,"l3_proto":"ip4","src_ip":"64.71.218.224","dst_ip":"85.111.52.57","src_port":20366,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -661,17 +661,17 @@ 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":141,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931213042208,"flow_src_last_pkt_time":1685931213042208,"flow_dst_last_pkt_time":1685931213042208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931793309466,"l3_proto":"ip4","src_ip":"64.71.218.224","dst_ip":"85.111.52.57","src_port":20366,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":141,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931339492549,"flow_src_last_pkt_time":1685931339492549,"flow_dst_last_pkt_time":1685931339492549,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931793309466,"l3_proto":"ip4","src_ip":"64.63.219.226","dst_ip":"90.141.37.56","src_port":10207,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":141,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931328327343,"flow_src_last_pkt_time":1685931328327343,"flow_dst_last_pkt_time":1685931328327343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685931793309466,"l3_proto":"ip4","src_ip":"64.65.52.246","dst_ip":"165.144.84.62","src_port":10179,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":141,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":141,"packets-processed":140,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7561,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":137,"total-detection-updates":0,"total-updates":28,"current-active-flows":1,"total-active-flows":137,"total-idle-flows":136,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":664,"global_ts_usec":1685932001528402} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":141,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":141,"packets-processed":140,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7561,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":137,"total-detection-updates":0,"total-updates":28,"current-active-flows":1,"total-active-flows":137,"total-idle-flows":136,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":664,"global_ts_usec":1685932001528402} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":141,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685932001528402,"flow_src_last_pkt_time":1685932001528402,"flow_dst_last_pkt_time":1685932001528402,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685932001528402,"l3_proto":"ip4","src_ip":"65.62.197.248","dst_ip":"69.109.187.54","src_port":45675,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":141,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":138,"flow_packet_id":1,"flow_src_last_pkt_time":1685932001528402,"flow_dst_last_pkt_time":1685932001528402,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1685932001528402,"pkt":"bpHurUgdPJTVQTiBCABFAAA++0RAADQRpWtBPsX4RW27NrJrAasAKhcBAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":141,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685932001528402,"flow_src_last_pkt_time":1685932001528402,"flow_dst_last_pkt_time":1685932001528402,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685932001528402,"l3_proto":"ip4","src_ip":"65.62.197.248","dst_ip":"69.109.187.54","src_port":45675,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00991{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685931793309466,"flow_src_last_pkt_time":1685931793309466,"flow_dst_last_pkt_time":1685931793309466,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685932001528402,"l3_proto":"ip4","src_ip":"161.193.58.225","dst_ip":"186.112.202.53","src_port":64776,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":142,"packets-processed":141,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7595,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":138,"total-detection-updates":0,"total-updates":28,"current-active-flows":1,"total-active-flows":138,"total-idle-flows":137,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":669,"global_ts_usec":1685932876135808} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":142,"packets-processed":141,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7595,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":138,"total-detection-updates":0,"total-updates":28,"current-active-flows":1,"total-active-flows":138,"total-idle-flows":137,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":669,"global_ts_usec":1685932876135808} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685932876135808,"flow_src_last_pkt_time":1685932876135808,"flow_dst_last_pkt_time":1685932876135808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685932876135808,"l3_proto":"ip4","src_ip":"16.99.147.146","dst_ip":"165.144.84.62","src_port":48728,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":139,"flow_packet_id":1,"flow_src_last_pkt_time":1685932876135808,"flow_dst_last_pkt_time":1685932876135808,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685932876135808,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAPARqBoQY5OSpZBUPr5YAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685932876135808,"flow_src_last_pkt_time":1685932876135808,"flow_dst_last_pkt_time":1685932876135808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685932876135808,"l3_proto":"ip4","src_ip":"16.99.147.146","dst_ip":"165.144.84.62","src_port":48728,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":143,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685932001528402,"flow_src_last_pkt_time":1685932001528402,"flow_dst_last_pkt_time":1685932001528402,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685932876135808,"l3_proto":"ip4","src_ip":"65.62.197.248","dst_ip":"69.109.187.54","src_port":45675,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":143,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":143,"packets-processed":142,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7693,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":139,"total-detection-updates":0,"total-updates":28,"current-active-flows":1,"total-active-flows":139,"total-idle-flows":138,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":674,"global_ts_usec":1685933841851094} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":143,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":143,"packets-processed":142,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7693,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":139,"total-detection-updates":0,"total-updates":28,"current-active-flows":1,"total-active-flows":139,"total-idle-flows":138,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":674,"global_ts_usec":1685933841851094} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":143,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685933841851094,"flow_src_last_pkt_time":1685933841851094,"flow_dst_last_pkt_time":1685933841851094,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685933841851094,"l3_proto":"ip4","src_ip":"75.153.126.243","dst_ip":"69.109.187.54","src_port":54378,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":143,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":140,"flow_packet_id":1,"flow_src_last_pkt_time":1685933841851094,"flow_dst_last_pkt_time":1685933841851094,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":98,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":98,"pkt_l4_len":64,"thread_ts_usec":1685933841851094,"pkt":"bpHurUgdPJTVQTiBCABFAABU0ltAADQRvvtLmX7zRW27NtRqAasAQAAAAgEAADggAAAAAGqbAAJlbgAAABdzZXJ2aWNlOmRpcmVjdG9yeS1hZ2VudAAHZGVmYXVsdAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":143,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685933841851094,"flow_src_last_pkt_time":1685933841851094,"flow_dst_last_pkt_time":1685933841851094,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685933841851094,"l3_proto":"ip4","src_ip":"75.153.126.243","dst_ip":"69.109.187.54","src_port":54378,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -680,7 +680,7 @@ 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":144,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":141,"flow_packet_id":1,"flow_src_last_pkt_time":1685934156732428,"flow_dst_last_pkt_time":1685934156732428,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685934156732428,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbI5G2LpnpZBUPtpIAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":144,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685934156732428,"flow_src_last_pkt_time":1685934156732428,"flow_dst_last_pkt_time":1685934156732428,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685934156732428,"l3_proto":"ip4","src_ip":"70.216.186.103","dst_ip":"165.144.84.62","src_port":55880,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":145,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685933841851094,"flow_src_last_pkt_time":1685933841851094,"flow_dst_last_pkt_time":1685933841851094,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685934156732428,"l3_proto":"ip4","src_ip":"75.153.126.243","dst_ip":"69.109.187.54","src_port":54378,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":145,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":145,"packets-processed":144,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7778,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":141,"total-detection-updates":0,"total-updates":28,"current-active-flows":1,"total-active-flows":141,"total-idle-flows":140,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":683,"global_ts_usec":1685949298361033} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":145,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":145,"packets-processed":144,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7778,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":141,"total-detection-updates":0,"total-updates":28,"current-active-flows":1,"total-active-flows":141,"total-idle-flows":140,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":683,"global_ts_usec":1685949298361033} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":145,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949298361033,"flow_src_last_pkt_time":1685949298361033,"flow_dst_last_pkt_time":1685949298361033,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685949298361033,"l3_proto":"ip4","src_ip":"82.14.191.177","dst_ip":"186.112.202.53","src_port":51704,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":145,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":142,"flow_packet_id":1,"flow_src_last_pkt_time":1685949298361033,"flow_dst_last_pkt_time":1685949298361033,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685949298361033,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPoRXw9SDr+xunDKNcn4AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":145,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949298361033,"flow_src_last_pkt_time":1685949298361033,"flow_dst_last_pkt_time":1685949298361033,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685949298361033,"l3_proto":"ip4","src_ip":"82.14.191.177","dst_ip":"186.112.202.53","src_port":51704,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -694,48 +694,48 @@ 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":147,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949575864849,"flow_src_last_pkt_time":1685949575864849,"flow_dst_last_pkt_time":1685949575864849,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685949575864849,"l3_proto":"ip4","src_ip":"166.235.162.1","dst_ip":"165.114.202.61","src_port":50338,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":148,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949298361033,"flow_src_last_pkt_time":1685949298361033,"flow_dst_last_pkt_time":1685949298361033,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685949575864849,"l3_proto":"ip4","src_ip":"82.14.191.177","dst_ip":"186.112.202.53","src_port":51704,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":148,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":143,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949441960339,"flow_src_last_pkt_time":1685949441960339,"flow_dst_last_pkt_time":1685949441960339,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685949575864849,"l3_proto":"ip4","src_ip":"70.28.101.252","dst_ip":"69.109.187.54","src_port":49306,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":148,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":148,"packets-processed":147,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7865,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":144,"total-detection-updates":0,"total-updates":30,"current-active-flows":2,"total-active-flows":144,"total-idle-flows":142,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":697,"global_ts_usec":1685950065516616} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":148,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":148,"packets-processed":147,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7865,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":144,"total-detection-updates":0,"total-updates":30,"current-active-flows":2,"total-active-flows":144,"total-idle-flows":142,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":697,"global_ts_usec":1685950065516616} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":148,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685950065516616,"flow_src_last_pkt_time":1685950065516616,"flow_dst_last_pkt_time":1685950065516616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685950065516616,"l3_proto":"ip4","src_ip":"38.238.166.9","dst_ip":"90.147.171.51","src_port":56529,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":148,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":145,"flow_packet_id":1,"flow_src_last_pkt_time":1685950065516616,"flow_dst_last_pkt_time":1685950065516616,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685950065516616,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbUAm7qYJWpOrM9zRAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":148,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685950065516616,"flow_src_last_pkt_time":1685950065516616,"flow_dst_last_pkt_time":1685950065516616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685950065516616,"l3_proto":"ip4","src_ip":"38.238.166.9","dst_ip":"90.147.171.51","src_port":56529,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":149,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949575864849,"flow_src_last_pkt_time":1685949575864849,"flow_dst_last_pkt_time":1685949575864849,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685950065516616,"l3_proto":"ip4","src_ip":"166.235.162.1","dst_ip":"165.114.202.61","src_port":50338,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":149,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":143,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685949441960339,"flow_src_last_pkt_time":1685949441960339,"flow_dst_last_pkt_time":1685949441960339,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685950065516616,"l3_proto":"ip4","src_ip":"70.28.101.252","dst_ip":"69.109.187.54","src_port":49306,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":149,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":149,"packets-processed":148,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7894,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":145,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":145,"total-idle-flows":144,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":703,"global_ts_usec":1685950716132805} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":149,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":149,"packets-processed":148,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7894,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":145,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":145,"total-idle-flows":144,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":703,"global_ts_usec":1685950716132805} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":149,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685950716132805,"flow_src_last_pkt_time":1685950716132805,"flow_dst_last_pkt_time":1685950716132805,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685950716132805,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"90.141.37.56","src_port":51495,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":149,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":1,"flow_src_last_pkt_time":1685950716132805,"flow_dst_last_pkt_time":1685950716132805,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685950716132805,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPkRX57OzBhaWo0lOMknAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":149,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685950716132805,"flow_src_last_pkt_time":1685950716132805,"flow_dst_last_pkt_time":1685950716132805,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685950716132805,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"90.141.37.56","src_port":51495,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":150,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685950065516616,"flow_src_last_pkt_time":1685950065516616,"flow_dst_last_pkt_time":1685950065516616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685950716132805,"l3_proto":"ip4","src_ip":"38.238.166.9","dst_ip":"90.147.171.51","src_port":56529,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":150,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":150,"packets-processed":149,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7923,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":146,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":146,"total-idle-flows":145,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":708,"global_ts_usec":1685952673673917} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":150,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":150,"packets-processed":149,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7923,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":146,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":146,"total-idle-flows":145,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":708,"global_ts_usec":1685952673673917} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":150,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685952673673917,"flow_src_last_pkt_time":1685952673673917,"flow_dst_last_pkt_time":1685952673673917,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685952673673917,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"90.147.171.51","src_port":5073,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":150,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":147,"flow_packet_id":1,"flow_src_last_pkt_time":1685952673673917,"flow_dst_last_pkt_time":1685952673673917,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685952673673917,"pkt":"AAwp30Y4PJTVQTiBCABFAABLLRsAACcRpgilgP10WpOrMxPRAasANxtlAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":150,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685952673673917,"flow_src_last_pkt_time":1685952673673917,"flow_dst_last_pkt_time":1685952673673917,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685952673673917,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"90.147.171.51","src_port":5073,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":151,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685950716132805,"flow_src_last_pkt_time":1685950716132805,"flow_dst_last_pkt_time":1685950716132805,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685952673673917,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"90.141.37.56","src_port":51495,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":151,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":151,"packets-processed":150,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7970,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":147,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":147,"total-idle-flows":146,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":713,"global_ts_usec":1685953474074395} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":151,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":151,"packets-processed":150,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7970,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":147,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":147,"total-idle-flows":146,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":713,"global_ts_usec":1685953474074395} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":151,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685953474074395,"flow_src_last_pkt_time":1685953474074395,"flow_dst_last_pkt_time":1685953474074395,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685953474074395,"l3_proto":"ip4","src_ip":"217.31.231.255","dst_ip":"90.111.212.50","src_port":56070,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":151,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":1,"flow_src_last_pkt_time":1685953474074395,"flow_dst_last_pkt_time":1685953474074395,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685953474074395,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbdLZH+f\/Wm\/UMtsGAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":151,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685953474074395,"flow_src_last_pkt_time":1685953474074395,"flow_dst_last_pkt_time":1685953474074395,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685953474074395,"l3_proto":"ip4","src_ip":"217.31.231.255","dst_ip":"90.111.212.50","src_port":56070,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":152,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685952673673917,"flow_src_last_pkt_time":1685952673673917,"flow_dst_last_pkt_time":1685952673673917,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685953474074395,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"90.147.171.51","src_port":5073,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":152,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":152,"packets-processed":151,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7999,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":148,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":148,"total-idle-flows":147,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":718,"global_ts_usec":1685956234214319} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":152,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":152,"packets-processed":151,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":7999,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":148,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":148,"total-idle-flows":147,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":718,"global_ts_usec":1685956234214319} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":152,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685956234214319,"flow_src_last_pkt_time":1685956234214319,"flow_dst_last_pkt_time":1685956234214319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685956234214319,"l3_proto":"ip4","src_ip":"28.102.134.210","dst_ip":"69.109.187.54","src_port":45382,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":152,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":149,"flow_packet_id":1,"flow_src_last_pkt_time":1685956234214319,"flow_dst_last_pkt_time":1685956234214319,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685956234214319,"pkt":"bpHurUgdPJTVQTiBCABFCABLd1MAACQRTR0cZobSRW27NrFGAasAN2xEAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":152,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685956234214319,"flow_src_last_pkt_time":1685956234214319,"flow_dst_last_pkt_time":1685956234214319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685956234214319,"l3_proto":"ip4","src_ip":"28.102.134.210","dst_ip":"69.109.187.54","src_port":45382,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":153,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685953474074395,"flow_src_last_pkt_time":1685953474074395,"flow_dst_last_pkt_time":1685953474074395,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685956234214319,"l3_proto":"ip4","src_ip":"217.31.231.255","dst_ip":"90.111.212.50","src_port":56070,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":153,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":153,"packets-processed":152,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8046,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":149,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":149,"total-idle-flows":148,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":723,"global_ts_usec":1685959206891430} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":153,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":153,"packets-processed":152,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8046,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":149,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":149,"total-idle-flows":148,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":723,"global_ts_usec":1685959206891430} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":153,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685959206891430,"flow_src_last_pkt_time":1685959206891430,"flow_dst_last_pkt_time":1685959206891430,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685959206891430,"l3_proto":"ip4","src_ip":"173.241.63.36","dst_ip":"85.111.52.57","src_port":50984,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":153,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":150,"flow_packet_id":1,"flow_src_last_pkt_time":1685959206891430,"flow_dst_last_pkt_time":1685959206891430,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1685959206891430,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRX32t8T8kVW80OccoAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":153,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685959206891430,"flow_src_last_pkt_time":1685959206891430,"flow_dst_last_pkt_time":1685959206891430,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685959206891430,"l3_proto":"ip4","src_ip":"173.241.63.36","dst_ip":"85.111.52.57","src_port":50984,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":154,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685956234214319,"flow_src_last_pkt_time":1685956234214319,"flow_dst_last_pkt_time":1685956234214319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685959206891430,"l3_proto":"ip4","src_ip":"28.102.134.210","dst_ip":"69.109.187.54","src_port":45382,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":154,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":154,"packets-processed":153,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8075,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":150,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":150,"total-idle-flows":149,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":728,"global_ts_usec":1685960845026064} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":154,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":154,"packets-processed":153,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8075,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":150,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":150,"total-idle-flows":149,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":728,"global_ts_usec":1685960845026064} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":154,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685960845026064,"flow_src_last_pkt_time":1685960845026064,"flow_dst_last_pkt_time":1685960845026064,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685960845026064,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.111.212.50","src_port":60145,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":154,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":151,"flow_packet_id":1,"flow_src_last_pkt_time":1685960845026064,"flow_dst_last_pkt_time":1685960845026064,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1685960845026064,"pkt":"AAwp30Y4PJTVQTiBCABFAAA11DEAAPER0yNRGCtqWm\/UMurxAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":154,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685960845026064,"flow_src_last_pkt_time":1685960845026064,"flow_dst_last_pkt_time":1685960845026064,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685960845026064,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.111.212.50","src_port":60145,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":155,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685959206891430,"flow_src_last_pkt_time":1685959206891430,"flow_dst_last_pkt_time":1685959206891430,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685960845026064,"l3_proto":"ip4","src_ip":"173.241.63.36","dst_ip":"85.111.52.57","src_port":50984,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":155,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":155,"packets-processed":154,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8100,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":151,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":151,"total-idle-flows":150,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":733,"global_ts_usec":1685964244002056} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":155,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":155,"packets-processed":154,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8100,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":151,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":151,"total-idle-flows":150,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":733,"global_ts_usec":1685964244002056} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":155,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685964244002056,"flow_src_last_pkt_time":1685964244002056,"flow_dst_last_pkt_time":1685964244002056,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685964244002056,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"74.111.203.55","src_port":57096,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":155,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":152,"flow_packet_id":1,"flow_src_last_pkt_time":1685964244002056,"flow_dst_last_pkt_time":1685964244002056,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1685964244002056,"pkt":"ipffLU2SPJTVQTiBCABFAAA11DEAAPER0yJRGCtqSm\/LN98IAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":155,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685964244002056,"flow_src_last_pkt_time":1685964244002056,"flow_dst_last_pkt_time":1685964244002056,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685964244002056,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"74.111.203.55","src_port":57096,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":156,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685960845026064,"flow_src_last_pkt_time":1685960845026064,"flow_dst_last_pkt_time":1685960845026064,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685964244002056,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.111.212.50","src_port":60145,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":156,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":156,"packets-processed":155,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8125,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":152,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":152,"total-idle-flows":151,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":738,"global_ts_usec":1685969568367700} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":156,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":156,"packets-processed":155,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8125,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":152,"total-detection-updates":0,"total-updates":30,"current-active-flows":1,"total-active-flows":152,"total-idle-flows":151,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":738,"global_ts_usec":1685969568367700} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":156,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685969568367700,"flow_src_last_pkt_time":1685969568367700,"flow_dst_last_pkt_time":1685969568367700,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685969568367700,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"69.109.187.54","src_port":58419,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":156,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":1,"flow_src_last_pkt_time":1685969568367700,"flow_dst_last_pkt_time":1685969568367700,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1685969568367700,"pkt":"bpHurUgdPJTVQTiBCABFAAA11DEAAPER0yFRGCtqRW27NuQzAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":156,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685969568367700,"flow_src_last_pkt_time":1685969568367700,"flow_dst_last_pkt_time":1685969568367700,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685969568367700,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"69.109.187.54","src_port":58419,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -744,13 +744,13 @@ 00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":154,"flow_packet_id":1,"flow_src_last_pkt_time":1685969623534341,"flow_dst_last_pkt_time":1685969623534341,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1685969623534341,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA11DEAAPER0x1RGCtqVW80OcwTAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685969623534341,"flow_src_last_pkt_time":1685969623534341,"flow_dst_last_pkt_time":1685969623534341,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685969623534341,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"85.111.52.57","src_port":52243,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685969568367700,"flow_src_last_pkt_time":1685969568367700,"flow_dst_last_pkt_time":1685969568367700,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685969623534341,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"69.109.187.54","src_port":58419,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":158,"packets-processed":157,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8175,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":154,"total-detection-updates":0,"total-updates":31,"current-active-flows":2,"total-active-flows":154,"total-idle-flows":152,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":747,"global_ts_usec":1685976878692319} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":158,"packets-processed":157,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8175,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":154,"total-detection-updates":0,"total-updates":31,"current-active-flows":2,"total-active-flows":154,"total-idle-flows":152,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":747,"global_ts_usec":1685976878692319} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685976878692319,"flow_src_last_pkt_time":1685976878692319,"flow_dst_last_pkt_time":1685976878692319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685976878692319,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.144.84.62","src_port":39508,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":155,"flow_packet_id":1,"flow_src_last_pkt_time":1685976878692319,"flow_dst_last_pkt_time":1685976878692319,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685976878692319,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPARDMdGtG\/xpZBUPppUAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685976878692319,"flow_src_last_pkt_time":1685976878692319,"flow_dst_last_pkt_time":1685976878692319,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685976878692319,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.144.84.62","src_port":39508,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685969623534341,"flow_src_last_pkt_time":1685969623534341,"flow_dst_last_pkt_time":1685969623534341,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685976878692319,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"85.111.52.57","src_port":52243,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685969568367700,"flow_src_last_pkt_time":1685969568367700,"flow_dst_last_pkt_time":1685969568367700,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685976878692319,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"69.109.187.54","src_port":58419,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":159,"packets-processed":158,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8273,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":155,"total-detection-updates":0,"total-updates":31,"current-active-flows":1,"total-active-flows":155,"total-idle-flows":154,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":753,"global_ts_usec":1685980039598832} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":159,"packets-processed":158,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8273,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":155,"total-detection-updates":0,"total-updates":31,"current-active-flows":1,"total-active-flows":155,"total-idle-flows":154,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":753,"global_ts_usec":1685980039598832} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":156,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685980039598832,"flow_src_last_pkt_time":1685980039598832,"flow_dst_last_pkt_time":1685980039598832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685980039598832,"l3_proto":"ip4","src_ip":"208.100.177.136","dst_ip":"90.111.212.50","src_port":45704,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":156,"flow_packet_id":1,"flow_src_last_pkt_time":1685980039598832,"flow_dst_last_pkt_time":1685980039598832,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685980039598832,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpSrQZLGIWm\/UMrKIAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":156,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685980039598832,"flow_src_last_pkt_time":1685980039598832,"flow_dst_last_pkt_time":1685980039598832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685980039598832,"l3_proto":"ip4","src_ip":"208.100.177.136","dst_ip":"90.111.212.50","src_port":45704,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -759,7 +759,7 @@ 00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":160,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":157,"flow_packet_id":1,"flow_src_last_pkt_time":1685980256079266,"flow_dst_last_pkt_time":1685980256079266,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1685980256079266,"pkt":"AAwp30Y4PJTVQTiBCABFAAA11DEAAPER0xlRGCtqpZBUPrejAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":160,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":157,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685980256079266,"flow_src_last_pkt_time":1685980256079266,"flow_dst_last_pkt_time":1685980256079266,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685980256079266,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"165.144.84.62","src_port":47011,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":156,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685980039598832,"flow_src_last_pkt_time":1685980039598832,"flow_dst_last_pkt_time":1685980039598832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685980256079266,"l3_proto":"ip4","src_ip":"208.100.177.136","dst_ip":"90.111.212.50","src_port":45704,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":161,"packets-processed":160,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8396,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":157,"total-detection-updates":0,"total-updates":31,"current-active-flows":1,"total-active-flows":157,"total-idle-flows":156,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":762,"global_ts_usec":1685980966068969} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":161,"packets-processed":160,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8396,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":157,"total-detection-updates":0,"total-updates":31,"current-active-flows":1,"total-active-flows":157,"total-idle-flows":156,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":762,"global_ts_usec":1685980966068969} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685980966068969,"flow_src_last_pkt_time":1685980966068969,"flow_dst_last_pkt_time":1685980966068969,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685980966068969,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"69.109.187.54","src_port":33316,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":158,"flow_packet_id":1,"flow_src_last_pkt_time":1685980966068969,"flow_dst_last_pkt_time":1685980966068969,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685980966068969,"pkt":"bpHurUgdPJTVQTiBCABFAAB+1DEAAPIRCw62tHiLRW27NoIkAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685980966068969,"flow_src_last_pkt_time":1685980966068969,"flow_dst_last_pkt_time":1685980966068969,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685980966068969,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"69.109.187.54","src_port":33316,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -768,7 +768,7 @@ 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":162,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":159,"flow_packet_id":1,"flow_src_last_pkt_time":1685981433727126,"flow_dst_last_pkt_time":1685981433727126,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685981433727126,"pkt":"3jHC4dyOPJTVQTiBCABFAAB+1DEAAPIRCwu2tHiLWo0lOJWZAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":162,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":159,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685981433727126,"flow_src_last_pkt_time":1685981433727126,"flow_dst_last_pkt_time":1685981433727126,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685981433727126,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.141.37.56","src_port":38297,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":163,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685980966068969,"flow_src_last_pkt_time":1685980966068969,"flow_dst_last_pkt_time":1685980966068969,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685981433727126,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"69.109.187.54","src_port":33316,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":163,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":163,"packets-processed":162,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8592,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":159,"total-detection-updates":0,"total-updates":31,"current-active-flows":1,"total-active-flows":159,"total-idle-flows":158,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":771,"global_ts_usec":1685983024598099} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":163,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":163,"packets-processed":162,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8592,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":159,"total-detection-updates":0,"total-updates":31,"current-active-flows":1,"total-active-flows":159,"total-idle-flows":158,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":771,"global_ts_usec":1685983024598099} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":163,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":160,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685983024598099,"flow_src_last_pkt_time":1685983024598099,"flow_dst_last_pkt_time":1685983024598099,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685983024598099,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.145.180.58","src_port":49217,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":163,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":160,"flow_packet_id":1,"flow_src_last_pkt_time":1685983024598099,"flow_dst_last_pkt_time":1685983024598099,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685983024598099,"pkt":"bs1PogZtPJTVQTiBCABFAAB+1DEAAPMRCY72S2hzWpG0OsBBAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":163,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":160,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685983024598099,"flow_src_last_pkt_time":1685983024598099,"flow_dst_last_pkt_time":1685983024598099,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685983024598099,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.145.180.58","src_port":49217,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -776,7 +776,7 @@ 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":164,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":161,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685983044584108,"flow_src_last_pkt_time":1685983044584108,"flow_dst_last_pkt_time":1685983044584108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685983044584108,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"186.112.202.53","src_port":50697,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":164,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":161,"flow_packet_id":1,"flow_src_last_pkt_time":1685983044584108,"flow_dst_last_pkt_time":1685983044584108,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685983044584108,"pkt":"xmjqc4OdPJTVQTiBCABFAAB+1DEAAPMRCZP2S2hzunDKNcYJAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":164,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":161,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685983044584108,"flow_src_last_pkt_time":1685983044584108,"flow_dst_last_pkt_time":1685983044584108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685983044584108,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"186.112.202.53","src_port":50697,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":165,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":165,"packets-processed":164,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8788,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":161,"total-detection-updates":0,"total-updates":31,"current-active-flows":2,"total-active-flows":161,"total-idle-flows":159,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":779,"global_ts_usec":1685983887017305} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":165,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":165,"packets-processed":164,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8788,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":161,"total-detection-updates":0,"total-updates":31,"current-active-flows":2,"total-active-flows":161,"total-idle-flows":159,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":779,"global_ts_usec":1685983887017305} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":165,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":162,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685983887017305,"flow_src_last_pkt_time":1685983887017305,"flow_dst_last_pkt_time":1685983887017305,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685983887017305,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"85.111.52.57","src_port":57093,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":165,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":162,"flow_packet_id":1,"flow_src_last_pkt_time":1685983887017305,"flow_dst_last_pkt_time":1685983887017305,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685983887017305,"pkt":"moT+\/Ph8PJTVQTiBCABFAAB+1DEAAPMRpTItfJOcVW80Od8FAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":165,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":162,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685983887017305,"flow_src_last_pkt_time":1685983887017305,"flow_dst_last_pkt_time":1685983887017305,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685983887017305,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"85.111.52.57","src_port":57093,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -786,7 +786,7 @@ 00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":166,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":163,"flow_packet_id":1,"flow_src_last_pkt_time":1685984091734191,"flow_dst_last_pkt_time":1685984091734191,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1685984091734191,"pkt":"3jHC4dyOPJTVQTiBCABFAAA11DEAAPER0x5RGCtqWo0lOO2PAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":166,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":163,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685984091734191,"flow_src_last_pkt_time":1685984091734191,"flow_dst_last_pkt_time":1685984091734191,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685984091734191,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.141.37.56","src_port":60815,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":167,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":162,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685983887017305,"flow_src_last_pkt_time":1685983887017305,"flow_dst_last_pkt_time":1685983887017305,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685984091734191,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"85.111.52.57","src_port":57093,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":167,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":167,"packets-processed":166,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8911,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":163,"total-detection-updates":0,"total-updates":31,"current-active-flows":1,"total-active-flows":163,"total-idle-flows":162,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":789,"global_ts_usec":1685986621173581} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":167,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":167,"packets-processed":166,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":8911,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":163,"total-detection-updates":0,"total-updates":31,"current-active-flows":1,"total-active-flows":163,"total-idle-flows":162,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":789,"global_ts_usec":1685986621173581} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":167,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986621173581,"flow_src_last_pkt_time":1685986621173581,"flow_dst_last_pkt_time":1685986621173581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685986621173581,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"74.111.203.55","src_port":34990,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":167,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":164,"flow_packet_id":1,"flow_src_last_pkt_time":1685986621173581,"flow_dst_last_pkt_time":1685986621173581,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685986621173581,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAPMRCZX2S2hzSm\/LN4iuAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":167,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986621173581,"flow_src_last_pkt_time":1685986621173581,"flow_dst_last_pkt_time":1685986621173581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685986621173581,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"74.111.203.55","src_port":34990,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -798,54 +798,54 @@ 00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":169,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986755864865,"flow_src_last_pkt_time":1685986755864865,"flow_dst_last_pkt_time":1685986755864865,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685986755864865,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"165.114.202.61","src_port":39574,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":169,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":166,"flow_packet_id":1,"flow_src_last_pkt_time":1685986755864865,"flow_dst_last_pkt_time":1685986755864865,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1685986755864865,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPARDMe4tKjwpXLKPZqWAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00949{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":169,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986755864865,"flow_src_last_pkt_time":1685986755864865,"flow_dst_last_pkt_time":1685986755864865,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685986755864865,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"165.114.202.61","src_port":39574,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":170,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":170,"packets-processed":169,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9205,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":166,"total-detection-updates":0,"total-updates":32,"current-active-flows":3,"total-active-flows":166,"total-idle-flows":163,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":801,"global_ts_usec":1685988729872897} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":170,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":170,"packets-processed":169,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9205,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":166,"total-detection-updates":0,"total-updates":32,"current-active-flows":3,"total-active-flows":166,"total-idle-flows":163,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":801,"global_ts_usec":1685988729872897} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":170,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685988729872897,"flow_src_last_pkt_time":1685988729872897,"flow_dst_last_pkt_time":1685988729872897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685988729872897,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.147.171.51","src_port":58836,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":170,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":167,"flow_packet_id":1,"flow_src_last_pkt_time":1685988729872897,"flow_dst_last_pkt_time":1685988729872897,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1685988729872897,"pkt":"AAwp30Y4PJTVQTiBCABFAAA11DEAAPER0yRRGCtqWpOrM+XUAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":170,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685988729872897,"flow_src_last_pkt_time":1685988729872897,"flow_dst_last_pkt_time":1685988729872897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685988729872897,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.147.171.51","src_port":58836,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986711741123,"flow_src_last_pkt_time":1685986711741123,"flow_dst_last_pkt_time":1685986711741123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685988729872897,"l3_proto":"ip4","src_ip":"239.100.141.153","dst_ip":"90.147.171.51","src_port":41989,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986755864865,"flow_src_last_pkt_time":1685986755864865,"flow_dst_last_pkt_time":1685986755864865,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685988729872897,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"165.114.202.61","src_port":39574,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685986621173581,"flow_src_last_pkt_time":1685986621173581,"flow_dst_last_pkt_time":1685986621173581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685988729872897,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"74.111.203.55","src_port":34990,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":171,"packets-processed":170,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9230,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":167,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":167,"total-idle-flows":166,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":808,"global_ts_usec":1685993522728404} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":171,"packets-processed":170,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9230,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":167,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":167,"total-idle-flows":166,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":808,"global_ts_usec":1685993522728404} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685993522728404,"flow_src_last_pkt_time":1685993522728404,"flow_dst_last_pkt_time":1685993522728404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685993522728404,"l3_proto":"ip4","src_ip":"100.56.155.112","dst_ip":"90.147.171.51","src_port":1724,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":168,"flow_packet_id":1,"flow_src_last_pkt_time":1685993522728404,"flow_dst_last_pkt_time":1685993522728404,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685993522728404,"pkt":"AAwp30Y4PJTVQTiBCABFCABLWP8AACIRca5kOJtwWpOrMwa8AasANxsMAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685993522728404,"flow_src_last_pkt_time":1685993522728404,"flow_dst_last_pkt_time":1685993522728404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685993522728404,"l3_proto":"ip4","src_ip":"100.56.155.112","dst_ip":"90.147.171.51","src_port":1724,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685988729872897,"flow_src_last_pkt_time":1685988729872897,"flow_dst_last_pkt_time":1685988729872897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685993522728404,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.147.171.51","src_port":58836,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":172,"packets-processed":171,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9277,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":168,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":168,"total-idle-flows":167,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":813,"global_ts_usec":1685998634406588} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":172,"packets-processed":171,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9277,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":168,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":168,"total-idle-flows":167,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":813,"global_ts_usec":1685998634406588} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":169,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685998634406588,"flow_src_last_pkt_time":1685998634406588,"flow_dst_last_pkt_time":1685998634406588,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685998634406588,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"74.111.203.55","src_port":10457,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":169,"flow_packet_id":1,"flow_src_last_pkt_time":1685998634406588,"flow_dst_last_pkt_time":1685998634406588,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1685998634406588,"pkt":"ipffLU2SPJTVQTiBCABFCABLN5cAACQRjNbjhlHUSm\/LNyjZAasAN\/SuAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":169,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685998634406588,"flow_src_last_pkt_time":1685998634406588,"flow_dst_last_pkt_time":1685998634406588,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685998634406588,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"74.111.203.55","src_port":10457,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":173,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685993522728404,"flow_src_last_pkt_time":1685993522728404,"flow_dst_last_pkt_time":1685993522728404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685998634406588,"l3_proto":"ip4","src_ip":"100.56.155.112","dst_ip":"90.147.171.51","src_port":1724,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":173,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":173,"packets-processed":172,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9324,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":169,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":169,"total-idle-flows":168,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":818,"global_ts_usec":1685999686351420} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":173,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":173,"packets-processed":172,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9324,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":169,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":169,"total-idle-flows":168,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":818,"global_ts_usec":1685999686351420} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":173,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685999686351420,"flow_src_last_pkt_time":1685999686351420,"flow_dst_last_pkt_time":1685999686351420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685999686351420,"l3_proto":"ip4","src_ip":"75.137.134.242","dst_ip":"74.111.203.55","src_port":6448,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":173,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":170,"flow_packet_id":1,"flow_src_last_pkt_time":1685999686351420,"flow_dst_last_pkt_time":1685999686351420,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":98,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":98,"pkt_l4_len":64,"thread_ts_usec":1685999686351420,"pkt":"ipffLU2SPJTVQTiBCABFAABUtPJAADQR3GZLiYbySm\/LNxkwAasAQAAAAgEAADggAAAAAGqbAAJlbgAAABdzZXJ2aWNlOmRpcmVjdG9yeS1hZ2VudAAHZGVmYXVsdAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":173,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685999686351420,"flow_src_last_pkt_time":1685999686351420,"flow_dst_last_pkt_time":1685999686351420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685999686351420,"l3_proto":"ip4","src_ip":"75.137.134.242","dst_ip":"74.111.203.55","src_port":6448,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":174,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":169,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685998634406588,"flow_src_last_pkt_time":1685998634406588,"flow_dst_last_pkt_time":1685998634406588,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1685999686351420,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"74.111.203.55","src_port":10457,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":174,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":174,"packets-processed":173,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9380,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":170,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":170,"total-idle-flows":169,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":823,"global_ts_usec":1686000601569343} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":174,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":174,"packets-processed":173,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9380,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":170,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":170,"total-idle-flows":169,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":823,"global_ts_usec":1686000601569343} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":174,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686000601569343,"flow_src_last_pkt_time":1686000601569343,"flow_dst_last_pkt_time":1686000601569343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686000601569343,"l3_proto":"ip4","src_ip":"91.33.106.218","dst_ip":"165.144.84.62","src_port":2534,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":174,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":171,"flow_packet_id":1,"flow_src_last_pkt_time":1686000601569343,"flow_dst_last_pkt_time":1686000601569343,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686000601569343,"pkt":"AAwp30Y4PJTVQTiBCABFCABLI3sAACQRoOVbIWrapZBUPgnmAasANxOVAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":174,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686000601569343,"flow_src_last_pkt_time":1686000601569343,"flow_dst_last_pkt_time":1686000601569343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686000601569343,"l3_proto":"ip4","src_ip":"91.33.106.218","dst_ip":"165.144.84.62","src_port":2534,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1685999686351420,"flow_src_last_pkt_time":1685999686351420,"flow_dst_last_pkt_time":1685999686351420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686000601569343,"l3_proto":"ip4","src_ip":"75.137.134.242","dst_ip":"74.111.203.55","src_port":6448,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":175,"packets-processed":174,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9427,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":171,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":171,"total-idle-flows":170,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":828,"global_ts_usec":1686003718804460} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":175,"packets-processed":174,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9427,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":171,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":171,"total-idle-flows":170,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":828,"global_ts_usec":1686003718804460} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686003718804460,"flow_src_last_pkt_time":1686003718804460,"flow_dst_last_pkt_time":1686003718804460,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686003718804460,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"85.111.52.57","src_port":6239,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":172,"flow_packet_id":1,"flow_src_last_pkt_time":1686003718804460,"flow_dst_last_pkt_time":1686003718804460,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686003718804460,"pkt":"moT+\/Ph8PJTVQTiBCABFAABLfOYAACcRVjsid3p+VW80ORhfAasANxbVAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686003718804460,"flow_src_last_pkt_time":1686003718804460,"flow_dst_last_pkt_time":1686003718804460,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686003718804460,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"85.111.52.57","src_port":6239,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686000601569343,"flow_src_last_pkt_time":1686000601569343,"flow_dst_last_pkt_time":1686000601569343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686003718804460,"l3_proto":"ip4","src_ip":"91.33.106.218","dst_ip":"165.144.84.62","src_port":2534,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":176,"packets-processed":175,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9474,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":172,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":172,"total-idle-flows":171,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":833,"global_ts_usec":1686005514515876} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":176,"packets-processed":175,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9474,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":172,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":172,"total-idle-flows":171,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":833,"global_ts_usec":1686005514515876} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686005514515876,"flow_src_last_pkt_time":1686005514515876,"flow_dst_last_pkt_time":1686005514515876,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686005514515876,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"165.114.202.61","src_port":52664,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":173,"flow_packet_id":1,"flow_src_last_pkt_time":1686005514515876,"flow_dst_last_pkt_time":1686005514515876,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686005514515876,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAO0RqhguZGGTpXLKPc24AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686005514515876,"flow_src_last_pkt_time":1686005514515876,"flow_dst_last_pkt_time":1686005514515876,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686005514515876,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"165.114.202.61","src_port":52664,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":177,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686003718804460,"flow_src_last_pkt_time":1686003718804460,"flow_dst_last_pkt_time":1686003718804460,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686005514515876,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"85.111.52.57","src_port":6239,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":177,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":177,"packets-processed":176,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9572,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":173,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":173,"total-idle-flows":172,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":838,"global_ts_usec":1686006182252244} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":177,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":177,"packets-processed":176,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9572,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":173,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":173,"total-idle-flows":172,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":838,"global_ts_usec":1686006182252244} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":177,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":174,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686006182252244,"flow_src_last_pkt_time":1686006182252244,"flow_dst_last_pkt_time":1686006182252244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686006182252244,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.145.180.58","src_port":48098,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":177,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":174,"flow_packet_id":1,"flow_src_last_pkt_time":1686006182252244,"flow_dst_last_pkt_time":1686006182252244,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686006182252244,"pkt":"bs1PogZtPJTVQTiBCABFAAA11DEAAPER0xtRGCtqWpG0OrviAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":177,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":174,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686006182252244,"flow_src_last_pkt_time":1686006182252244,"flow_dst_last_pkt_time":1686006182252244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686006182252244,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.145.180.58","src_port":48098,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":178,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686005514515876,"flow_src_last_pkt_time":1686005514515876,"flow_dst_last_pkt_time":1686005514515876,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686006182252244,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"165.114.202.61","src_port":52664,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":178,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":178,"packets-processed":177,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9597,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":174,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":174,"total-idle-flows":173,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":843,"global_ts_usec":1686006861718393} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":178,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":178,"packets-processed":177,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9597,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":174,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":174,"total-idle-flows":173,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":843,"global_ts_usec":1686006861718393} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":178,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":175,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686006861718393,"flow_src_last_pkt_time":1686006861718393,"flow_dst_last_pkt_time":1686006861718393,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686006861718393,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"165.114.202.61","src_port":43525,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":178,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":175,"flow_packet_id":1,"flow_src_last_pkt_time":1686006861718393,"flow_dst_last_pkt_time":1686006861718393,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686006861718393,"pkt":"AAwp30Y4PJTVQTiBCABFAAA11DEAAPER0xhRGCtqpXLKPaoFAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":178,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":175,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686006861718393,"flow_src_last_pkt_time":1686006861718393,"flow_dst_last_pkt_time":1686006861718393,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686006861718393,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"165.114.202.61","src_port":43525,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":179,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":174,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686006182252244,"flow_src_last_pkt_time":1686006182252244,"flow_dst_last_pkt_time":1686006182252244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686006861718393,"l3_proto":"ip4","src_ip":"81.24.43.106","dst_ip":"90.145.180.58","src_port":48098,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":179,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":179,"packets-processed":178,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9622,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":175,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":175,"total-idle-flows":174,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":848,"global_ts_usec":1686010416557191} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":179,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":179,"packets-processed":178,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9622,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":175,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":175,"total-idle-flows":174,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":848,"global_ts_usec":1686010416557191} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":179,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":176,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686010416557191,"flow_src_last_pkt_time":1686010416557191,"flow_dst_last_pkt_time":1686010416557191,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686010416557191,"l3_proto":"ip4","src_ip":"33.216.90.56","dst_ip":"90.147.171.51","src_port":53342,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":179,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":176,"flow_packet_id":1,"flow_src_last_pkt_time":1686010416557191,"flow_dst_last_pkt_time":1686010416557191,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686010416557191,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbFkh2Fo4WpOrM9BeAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":179,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":176,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686010416557191,"flow_src_last_pkt_time":1686010416557191,"flow_dst_last_pkt_time":1686010416557191,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686010416557191,"l3_proto":"ip4","src_ip":"33.216.90.56","dst_ip":"90.147.171.51","src_port":53342,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -854,12 +854,12 @@ 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":180,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":177,"flow_packet_id":1,"flow_src_last_pkt_time":1686010882769715,"flow_dst_last_pkt_time":1686010882769715,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686010882769715,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRbWahL8clunDKNcNaAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":180,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686010882769715,"flow_src_last_pkt_time":1686010882769715,"flow_dst_last_pkt_time":1686010882769715,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686010882769715,"l3_proto":"ip4","src_ip":"161.47.199.37","dst_ip":"186.112.202.53","src_port":50010,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":181,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":176,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686010416557191,"flow_src_last_pkt_time":1686010416557191,"flow_dst_last_pkt_time":1686010416557191,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686010882769715,"l3_proto":"ip4","src_ip":"33.216.90.56","dst_ip":"90.147.171.51","src_port":53342,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":181,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":181,"packets-processed":180,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9680,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":177,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":177,"total-idle-flows":176,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":857,"global_ts_usec":1686014238036586} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":181,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":181,"packets-processed":180,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9680,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":177,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":177,"total-idle-flows":176,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":857,"global_ts_usec":1686014238036586} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":181,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686014238036586,"flow_src_last_pkt_time":1686014238036586,"flow_dst_last_pkt_time":1686014238036586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686014238036586,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"90.111.212.50","src_port":41596,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":181,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":178,"flow_packet_id":1,"flow_src_last_pkt_time":1686014238036586,"flow_dst_last_pkt_time":1686014238036586,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686014238036586,"pkt":"AAwp30Y4PJTVQTiBCABFAABLra8AACcRJW9dZnxwWm\/UMqJ8AasAN4y0AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":181,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686014238036586,"flow_src_last_pkt_time":1686014238036586,"flow_dst_last_pkt_time":1686014238036586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686014238036586,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"90.111.212.50","src_port":41596,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":182,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686010882769715,"flow_src_last_pkt_time":1686010882769715,"flow_dst_last_pkt_time":1686010882769715,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686014238036586,"l3_proto":"ip4","src_ip":"161.47.199.37","dst_ip":"186.112.202.53","src_port":50010,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":182,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":182,"packets-processed":181,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9727,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":178,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":178,"total-idle-flows":177,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":862,"global_ts_usec":1686016759751712} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":182,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":182,"packets-processed":181,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9727,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":178,"total-detection-updates":0,"total-updates":32,"current-active-flows":1,"total-active-flows":178,"total-idle-flows":177,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":862,"global_ts_usec":1686016759751712} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":182,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686016759751712,"flow_src_last_pkt_time":1686016759751712,"flow_dst_last_pkt_time":1686016759751712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686016759751712,"l3_proto":"ip4","src_ip":"119.34.147.222","dst_ip":"90.145.180.58","src_port":56878,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":182,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":179,"flow_packet_id":1,"flow_src_last_pkt_time":1686016759751712,"flow_dst_last_pkt_time":1686016759751712,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686016759751712,"pkt":"bs1PogZtPJTVQTiBCABFAAA+I89AADQRPpp3IpPeWpG0Ot4uAasAKqz2AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":182,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686016759751712,"flow_src_last_pkt_time":1686016759751712,"flow_dst_last_pkt_time":1686016759751712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686016759751712,"l3_proto":"ip4","src_ip":"119.34.147.222","dst_ip":"90.145.180.58","src_port":56878,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -881,7 +881,7 @@ 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":186,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686017305054145,"flow_src_last_pkt_time":1686017305054145,"flow_dst_last_pkt_time":1686017305054145,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686017305054145,"l3_proto":"ip4","src_ip":"185.97.76.211","dst_ip":"69.109.187.54","src_port":42268,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":181,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686016985898059,"flow_src_last_pkt_time":1686016985898059,"flow_dst_last_pkt_time":1686016985898059,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686017305054145,"l3_proto":"ip4","src_ip":"118.158.148.196","dst_ip":"165.114.202.61","src_port":44102,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":182,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686017148856498,"flow_src_last_pkt_time":1686017148856498,"flow_dst_last_pkt_time":1686017148856498,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686017305054145,"l3_proto":"ip4","src_ip":"134.217.184.242","dst_ip":"85.111.52.57","src_port":23876,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":187,"packets-processed":186,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9897,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":183,"total-detection-updates":0,"total-updates":34,"current-active-flows":2,"total-active-flows":183,"total-idle-flows":181,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":884,"global_ts_usec":1686018209196915} +00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":187,"packets-processed":186,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9897,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":183,"total-detection-updates":0,"total-updates":34,"current-active-flows":2,"total-active-flows":183,"total-idle-flows":181,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":884,"global_ts_usec":1686018209196915} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018209196915,"flow_src_last_pkt_time":1686018209196915,"flow_dst_last_pkt_time":1686018209196915,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686018209196915,"l3_proto":"ip4","src_ip":"71.170.115.245","dst_ip":"74.111.203.55","src_port":44124,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":184,"flow_packet_id":1,"flow_src_last_pkt_time":1686018209196915,"flow_dst_last_pkt_time":1686018209196915,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686018209196915,"pkt":"ipffLU2SPJTVQTiBCABFAAA+j29AADQR0xhHqnP1Sm\/LN6xcAasAKt7nAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018209196915,"flow_src_last_pkt_time":1686018209196915,"flow_dst_last_pkt_time":1686018209196915,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686018209196915,"l3_proto":"ip4","src_ip":"71.170.115.245","dst_ip":"74.111.203.55","src_port":44124,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -898,58 +898,58 @@ 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":190,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018707030417,"flow_src_last_pkt_time":1686018707030417,"flow_dst_last_pkt_time":1686018707030417,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686018707030417,"l3_proto":"ip4","src_ip":"134.217.184.242","dst_ip":"90.147.171.51","src_port":41215,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":190,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":187,"flow_packet_id":1,"flow_src_last_pkt_time":1686018707030417,"flow_dst_last_pkt_time":1686018707030417,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686018707030417,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+oClAADQRwmSG2bjyWpOrM6D\/AasAKupKAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":190,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018707030417,"flow_src_last_pkt_time":1686018707030417,"flow_dst_last_pkt_time":1686018707030417,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686018707030417,"l3_proto":"ip4","src_ip":"134.217.184.242","dst_ip":"90.147.171.51","src_port":41215,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":191,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":191,"packets-processed":190,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10033,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":187,"total-detection-updates":0,"total-updates":34,"current-active-flows":2,"total-active-flows":187,"total-idle-flows":185,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":901,"global_ts_usec":1686019249802467} +00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":191,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":191,"packets-processed":190,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10033,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":187,"total-detection-updates":0,"total-updates":34,"current-active-flows":2,"total-active-flows":187,"total-idle-flows":185,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":901,"global_ts_usec":1686019249802467} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":191,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":188,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686019249802467,"flow_src_last_pkt_time":1686019249802467,"flow_dst_last_pkt_time":1686019249802467,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686019249802467,"l3_proto":"ip4","src_ip":"56.82.128.250","dst_ip":"186.112.202.53","src_port":53705,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":191,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":188,"flow_packet_id":1,"flow_src_last_pkt_time":1686019249802467,"flow_dst_last_pkt_time":1686019249802467,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686019249802467,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+q7VAADQRtsw4UoD6unDKNdHJAasAKrl0AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":191,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":188,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686019249802467,"flow_src_last_pkt_time":1686019249802467,"flow_dst_last_pkt_time":1686019249802467,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686019249802467,"l3_proto":"ip4","src_ip":"56.82.128.250","dst_ip":"186.112.202.53","src_port":53705,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":192,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018707030417,"flow_src_last_pkt_time":1686018707030417,"flow_dst_last_pkt_time":1686018707030417,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686019249802467,"l3_proto":"ip4","src_ip":"134.217.184.242","dst_ip":"90.147.171.51","src_port":41215,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":192,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686018689761553,"flow_src_last_pkt_time":1686018689761553,"flow_dst_last_pkt_time":1686018689761553,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686019249802467,"l3_proto":"ip4","src_ip":"71.170.115.245","dst_ip":"90.111.212.50","src_port":44124,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":192,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":192,"packets-processed":191,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10067,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":188,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":188,"total-idle-flows":187,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":907,"global_ts_usec":1686021648125792} +00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":192,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":192,"packets-processed":191,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10067,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":188,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":188,"total-idle-flows":187,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":907,"global_ts_usec":1686021648125792} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":192,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":189,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686021648125792,"flow_src_last_pkt_time":1686021648125792,"flow_dst_last_pkt_time":1686021648125792,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686021648125792,"l3_proto":"ip4","src_ip":"218.211.196.58","dst_ip":"85.111.52.57","src_port":52158,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":192,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":189,"flow_packet_id":1,"flow_src_last_pkt_time":1686021648125792,"flow_dst_last_pkt_time":1686021648125792,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686021648125792,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRbU\/a08Q6VW80Ocu+AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":192,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":189,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686021648125792,"flow_src_last_pkt_time":1686021648125792,"flow_dst_last_pkt_time":1686021648125792,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686021648125792,"l3_proto":"ip4","src_ip":"218.211.196.58","dst_ip":"85.111.52.57","src_port":52158,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":188,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686019249802467,"flow_src_last_pkt_time":1686019249802467,"flow_dst_last_pkt_time":1686019249802467,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686021648125792,"l3_proto":"ip4","src_ip":"56.82.128.250","dst_ip":"186.112.202.53","src_port":53705,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":193,"packets-processed":192,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10096,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":189,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":189,"total-idle-flows":188,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":912,"global_ts_usec":1686031186113585} +00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":193,"packets-processed":192,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10096,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":189,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":189,"total-idle-flows":188,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":912,"global_ts_usec":1686031186113585} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686031186113585,"flow_src_last_pkt_time":1686031186113585,"flow_dst_last_pkt_time":1686031186113585,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686031186113585,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"90.147.171.51","src_port":34095,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":190,"flow_packet_id":1,"flow_src_last_pkt_time":1686031186113585,"flow_dst_last_pkt_time":1686031186113585,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686031186113585,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpTjsg6KdWpOrM4UvAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686031186113585,"flow_src_last_pkt_time":1686031186113585,"flow_dst_last_pkt_time":1686031186113585,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686031186113585,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"90.147.171.51","src_port":34095,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":194,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":189,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686021648125792,"flow_src_last_pkt_time":1686021648125792,"flow_dst_last_pkt_time":1686021648125792,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686031186113585,"l3_proto":"ip4","src_ip":"218.211.196.58","dst_ip":"85.111.52.57","src_port":52158,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":194,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":194,"packets-processed":193,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10194,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":190,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":190,"total-idle-flows":189,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":917,"global_ts_usec":1686032769267683} +00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":194,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":194,"packets-processed":193,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10194,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":190,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":190,"total-idle-flows":189,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":917,"global_ts_usec":1686032769267683} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":194,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686032769267683,"flow_src_last_pkt_time":1686032769267683,"flow_dst_last_pkt_time":1686032769267683,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686032769267683,"l3_proto":"ip4","src_ip":"177.48.184.247","dst_ip":"165.114.202.61","src_port":56640,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":194,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":191,"flow_packet_id":1,"flow_src_last_pkt_time":1686032769267683,"flow_dst_last_pkt_time":1686032769267683,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686032769267683,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXuqxMLj3pXLKPd1AAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":194,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686032769267683,"flow_src_last_pkt_time":1686032769267683,"flow_dst_last_pkt_time":1686032769267683,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686032769267683,"l3_proto":"ip4","src_ip":"177.48.184.247","dst_ip":"165.114.202.61","src_port":56640,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":195,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686031186113585,"flow_src_last_pkt_time":1686031186113585,"flow_dst_last_pkt_time":1686031186113585,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686032769267683,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"90.147.171.51","src_port":34095,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":195,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":195,"packets-processed":194,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10223,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":191,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":191,"total-idle-flows":190,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":922,"global_ts_usec":1686040872007912} +00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":195,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":195,"packets-processed":194,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10223,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":191,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":191,"total-idle-flows":190,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":922,"global_ts_usec":1686040872007912} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":195,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":192,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686040872007912,"flow_src_last_pkt_time":1686040872007912,"flow_dst_last_pkt_time":1686040872007912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686040872007912,"l3_proto":"ip4","src_ip":"69.36.231.230","dst_ip":"90.111.212.50","src_port":53489,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":195,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":192,"flow_packet_id":1,"flow_src_last_pkt_time":1686040872007912,"flow_dst_last_pkt_time":1686040872007912,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686040872007912,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbedFJOfmWm\/UMtDxAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":195,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":192,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686040872007912,"flow_src_last_pkt_time":1686040872007912,"flow_dst_last_pkt_time":1686040872007912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686040872007912,"l3_proto":"ip4","src_ip":"69.36.231.230","dst_ip":"90.111.212.50","src_port":53489,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":196,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686032769267683,"flow_src_last_pkt_time":1686032769267683,"flow_dst_last_pkt_time":1686032769267683,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686040872007912,"l3_proto":"ip4","src_ip":"177.48.184.247","dst_ip":"165.114.202.61","src_port":56640,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":196,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":196,"packets-processed":195,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10252,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":192,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":192,"total-idle-flows":191,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":927,"global_ts_usec":1686043388705512} +00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":196,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":196,"packets-processed":195,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10252,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":192,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":192,"total-idle-flows":191,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":927,"global_ts_usec":1686043388705512} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":196,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":193,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686043388705512,"flow_src_last_pkt_time":1686043388705512,"flow_dst_last_pkt_time":1686043388705512,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686043388705512,"l3_proto":"ip4","src_ip":"44.239.95.30","dst_ip":"74.111.203.55","src_port":56105,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":196,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":193,"flow_packet_id":1,"flow_src_last_pkt_time":1686043388705512,"flow_dst_last_pkt_time":1686043388705512,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686043388705512,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPoRXlks718eSm\/LN9spAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00949{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":196,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":193,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686043388705512,"flow_src_last_pkt_time":1686043388705512,"flow_dst_last_pkt_time":1686043388705512,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686043388705512,"l3_proto":"ip4","src_ip":"44.239.95.30","dst_ip":"74.111.203.55","src_port":56105,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":197,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":192,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686040872007912,"flow_src_last_pkt_time":1686040872007912,"flow_dst_last_pkt_time":1686040872007912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686043388705512,"l3_proto":"ip4","src_ip":"69.36.231.230","dst_ip":"90.111.212.50","src_port":53489,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":197,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":197,"packets-processed":196,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10281,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":193,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":193,"total-idle-flows":192,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":932,"global_ts_usec":1686044168857770} +00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":197,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":197,"packets-processed":196,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10281,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":193,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":193,"total-idle-flows":192,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":932,"global_ts_usec":1686044168857770} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":197,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686044168857770,"flow_src_last_pkt_time":1686044168857770,"flow_dst_last_pkt_time":1686044168857770,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686044168857770,"l3_proto":"ip4","src_ip":"80.16.0.251","dst_ip":"165.144.84.62","src_port":49389,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":197,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":194,"flow_packet_id":1,"flow_src_last_pkt_time":1686044168857770,"flow_dst_last_pkt_time":1686044168857770,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686044168857770,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRX+RQEAD7pZBUPsDtAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":197,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686044168857770,"flow_src_last_pkt_time":1686044168857770,"flow_dst_last_pkt_time":1686044168857770,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686044168857770,"l3_proto":"ip4","src_ip":"80.16.0.251","dst_ip":"165.144.84.62","src_port":49389,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":198,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":193,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686043388705512,"flow_src_last_pkt_time":1686043388705512,"flow_dst_last_pkt_time":1686043388705512,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686044168857770,"l3_proto":"ip4","src_ip":"44.239.95.30","dst_ip":"74.111.203.55","src_port":56105,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":198,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":198,"packets-processed":197,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10310,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":194,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":194,"total-idle-flows":193,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":937,"global_ts_usec":1686046546512327} +00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":198,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":198,"packets-processed":197,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10310,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":194,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":194,"total-idle-flows":193,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":937,"global_ts_usec":1686046546512327} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":198,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686046546512327,"flow_src_last_pkt_time":1686046546512327,"flow_dst_last_pkt_time":1686046546512327,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686046546512327,"l3_proto":"ip4","src_ip":"165.37.39.94","dst_ip":"69.109.187.54","src_port":49159,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":198,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":195,"flow_packet_id":1,"flow_src_last_pkt_time":1686046546512327,"flow_dst_last_pkt_time":1686046546512327,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686046546512327,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPkRbY2lJSdeRW27NsAHAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":198,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686046546512327,"flow_src_last_pkt_time":1686046546512327,"flow_dst_last_pkt_time":1686046546512327,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686046546512327,"l3_proto":"ip4","src_ip":"165.37.39.94","dst_ip":"69.109.187.54","src_port":49159,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":199,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686044168857770,"flow_src_last_pkt_time":1686044168857770,"flow_dst_last_pkt_time":1686044168857770,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686046546512327,"l3_proto":"ip4","src_ip":"80.16.0.251","dst_ip":"165.144.84.62","src_port":49389,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":199,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":199,"packets-processed":198,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10339,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":195,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":195,"total-idle-flows":194,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":942,"global_ts_usec":1686047674470156} +00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":199,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":199,"packets-processed":198,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10339,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":195,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":195,"total-idle-flows":194,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":942,"global_ts_usec":1686047674470156} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":199,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686047674470156,"flow_src_last_pkt_time":1686047674470156,"flow_dst_last_pkt_time":1686047674470156,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686047674470156,"l3_proto":"ip4","src_ip":"178.14.64.233","dst_ip":"90.141.37.56","src_port":55586,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":199,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":196,"flow_packet_id":1,"flow_src_last_pkt_time":1686047674470156,"flow_dst_last_pkt_time":1686047674470156,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686047674470156,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPoRXv+yDkDpWo0lONkiAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":199,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686047674470156,"flow_src_last_pkt_time":1686047674470156,"flow_dst_last_pkt_time":1686047674470156,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686047674470156,"l3_proto":"ip4","src_ip":"178.14.64.233","dst_ip":"90.141.37.56","src_port":55586,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":200,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686046546512327,"flow_src_last_pkt_time":1686046546512327,"flow_dst_last_pkt_time":1686046546512327,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686047674470156,"l3_proto":"ip4","src_ip":"165.37.39.94","dst_ip":"69.109.187.54","src_port":49159,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":200,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":200,"packets-processed":199,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10368,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":196,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":196,"total-idle-flows":195,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":947,"global_ts_usec":1686052550759741} +00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":200,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":200,"packets-processed":199,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10368,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":196,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":196,"total-idle-flows":195,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":947,"global_ts_usec":1686052550759741} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":200,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":197,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686052550759741,"flow_src_last_pkt_time":1686052550759741,"flow_dst_last_pkt_time":1686052550759741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686052550759741,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":47437,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":200,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":197,"flow_packet_id":1,"flow_src_last_pkt_time":1686052550759741,"flow_dst_last_pkt_time":1686052550759741,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686052550759741,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLHIH5CepXLKPblNAasAJTEiAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":200,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":197,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686052550759741,"flow_src_last_pkt_time":1686052550759741,"flow_dst_last_pkt_time":1686052550759741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686052550759741,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":47437,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":201,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686047674470156,"flow_src_last_pkt_time":1686047674470156,"flow_dst_last_pkt_time":1686047674470156,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686052550759741,"l3_proto":"ip4","src_ip":"178.14.64.233","dst_ip":"90.141.37.56","src_port":55586,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":201,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":201,"packets-processed":200,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10397,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":197,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":197,"total-idle-flows":196,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":952,"global_ts_usec":1686054840592952} +00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":201,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":201,"packets-processed":200,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10397,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":197,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":197,"total-idle-flows":196,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":952,"global_ts_usec":1686054840592952} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":201,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686054840592952,"flow_src_last_pkt_time":1686054840592952,"flow_dst_last_pkt_time":1686054840592952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686054840592952,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":44893,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":201,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":198,"flow_packet_id":1,"flow_src_last_pkt_time":1686054840592952,"flow_dst_last_pkt_time":1686054840592952,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686054840592952,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPURKLrIH5CeRW27Nq9dAasAJTsbAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":201,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686054840592952,"flow_src_last_pkt_time":1686054840592952,"flow_dst_last_pkt_time":1686054840592952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686054840592952,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":44893,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -958,12 +958,12 @@ 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":202,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":199,"flow_packet_id":1,"flow_src_last_pkt_time":1686055302350311,"flow_dst_last_pkt_time":1686055302350311,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686055302350311,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPURKLbIH5CeVW80ObceAasAJTNWAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":202,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":199,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686055302350311,"flow_src_last_pkt_time":1686055302350311,"flow_dst_last_pkt_time":1686055302350311,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686055302350311,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":46878,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":203,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686054840592952,"flow_src_last_pkt_time":1686054840592952,"flow_dst_last_pkt_time":1686054840592952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686055302350311,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":44893,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":203,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":203,"packets-processed":202,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10455,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":199,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":199,"total-idle-flows":198,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":961,"global_ts_usec":1686056089625694} +00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":203,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":203,"packets-processed":202,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10455,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":199,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":199,"total-idle-flows":198,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":961,"global_ts_usec":1686056089625694} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":203,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686056089625694,"flow_src_last_pkt_time":1686056089625694,"flow_dst_last_pkt_time":1686056089625694,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686056089625694,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":39691,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":203,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":200,"flow_packet_id":1,"flow_src_last_pkt_time":1686056089625694,"flow_dst_last_pkt_time":1686056089625694,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686056089625694,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLzIH5CeWm\/UMpsLAasAJU9vAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":203,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686056089625694,"flow_src_last_pkt_time":1686056089625694,"flow_dst_last_pkt_time":1686056089625694,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686056089625694,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":39691,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":204,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":199,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686055302350311,"flow_src_last_pkt_time":1686055302350311,"flow_dst_last_pkt_time":1686055302350311,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686056089625694,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":46878,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":204,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":204,"packets-processed":203,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10484,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":200,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":200,"total-idle-flows":199,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":966,"global_ts_usec":1686057077798333} +00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":204,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":204,"packets-processed":203,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10484,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":200,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":200,"total-idle-flows":199,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":966,"global_ts_usec":1686057077798333} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":204,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":201,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057077798333,"flow_src_last_pkt_time":1686057077798333,"flow_dst_last_pkt_time":1686057077798333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057077798333,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":59069,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":204,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":201,"flow_packet_id":1,"flow_src_last_pkt_time":1686057077798333,"flow_dst_last_pkt_time":1686057077798333,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686057077798333,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPURKLvIH5CeSm\/LN+a9AasAJQO8AgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":204,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":201,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057077798333,"flow_src_last_pkt_time":1686057077798333,"flow_dst_last_pkt_time":1686057077798333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057077798333,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":59069,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -972,7 +972,7 @@ 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":205,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":202,"flow_packet_id":1,"flow_src_last_pkt_time":1686057628692531,"flow_dst_last_pkt_time":1686057628692531,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686057628692531,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKL3IH5CeWpOrM8jOAasAJSGtAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":205,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057628692531,"flow_src_last_pkt_time":1686057628692531,"flow_dst_last_pkt_time":1686057628692531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057628692531,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":51406,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":206,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":201,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057077798333,"flow_src_last_pkt_time":1686057077798333,"flow_dst_last_pkt_time":1686057077798333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057628692531,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":59069,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":206,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":206,"packets-processed":205,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10542,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":202,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":202,"total-idle-flows":201,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":975,"global_ts_usec":1686057720083465} +00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":206,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":206,"packets-processed":205,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10542,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":202,"total-detection-updates":0,"total-updates":34,"current-active-flows":1,"total-active-flows":202,"total-idle-flows":201,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":975,"global_ts_usec":1686057720083465} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":206,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":203,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057720083465,"flow_src_last_pkt_time":1686057720083465,"flow_dst_last_pkt_time":1686057720083465,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057720083465,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":35296,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":206,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":203,"flow_packet_id":1,"flow_src_last_pkt_time":1686057720083465,"flow_dst_last_pkt_time":1686057720083465,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686057720083465,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPURKLfIH5CeWo0lOIngAasAJWCVAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":206,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":203,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057720083465,"flow_src_last_pkt_time":1686057720083465,"flow_dst_last_pkt_time":1686057720083465,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057720083465,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":35296,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -982,13 +982,13 @@ 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":207,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057824020237,"flow_src_last_pkt_time":1686057824020237,"flow_dst_last_pkt_time":1686057824020237,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057824020237,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":48172,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057628692531,"flow_src_last_pkt_time":1686057628692531,"flow_dst_last_pkt_time":1686057628692531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057824020237,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":51406,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":203,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057720083465,"flow_src_last_pkt_time":1686057720083465,"flow_dst_last_pkt_time":1686057720083465,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686057824020237,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":35296,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":208,"packets-processed":207,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10600,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":204,"total-detection-updates":0,"total-updates":36,"current-active-flows":2,"total-active-flows":204,"total-idle-flows":202,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":985,"global_ts_usec":1686059089399919} +00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":208,"packets-processed":207,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10600,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":204,"total-detection-updates":0,"total-updates":36,"current-active-flows":2,"total-active-flows":204,"total-idle-flows":202,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":985,"global_ts_usec":1686059089399919} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":205,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686059089399919,"flow_src_last_pkt_time":1686059089399919,"flow_dst_last_pkt_time":1686059089399919,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686059089399919,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":53249,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":205,"flow_packet_id":1,"flow_src_last_pkt_time":1686059089399919,"flow_dst_last_pkt_time":1686059089399919,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686059089399919,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLLIH5CepZBUPtABAasAJRpvAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":205,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686059089399919,"flow_src_last_pkt_time":1686059089399919,"flow_dst_last_pkt_time":1686059089399919,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686059089399919,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":53249,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":209,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":203,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057720083465,"flow_src_last_pkt_time":1686057720083465,"flow_dst_last_pkt_time":1686057720083465,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686059089399919,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":35296,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":209,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686057824020237,"flow_src_last_pkt_time":1686057824020237,"flow_dst_last_pkt_time":1686057824020237,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686059089399919,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":48172,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":209,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":209,"packets-processed":208,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10629,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":205,"total-detection-updates":0,"total-updates":36,"current-active-flows":1,"total-active-flows":205,"total-idle-flows":204,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":991,"global_ts_usec":1686063230217187} +00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":209,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":209,"packets-processed":208,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10629,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":205,"total-detection-updates":0,"total-updates":36,"current-active-flows":1,"total-active-flows":205,"total-idle-flows":204,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":991,"global_ts_usec":1686063230217187} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":209,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":206,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686063230217187,"flow_src_last_pkt_time":1686063230217187,"flow_dst_last_pkt_time":1686063230217187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686063230217187,"l3_proto":"ip4","src_ip":"16.100.83.145","dst_ip":"90.147.171.51","src_port":60232,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":209,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":206,"flow_packet_id":1,"flow_src_last_pkt_time":1686063230217187,"flow_dst_last_pkt_time":1686063230217187,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686063230217187,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAO0RqiYQZFORWpOrM+tIAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":209,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":206,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686063230217187,"flow_src_last_pkt_time":1686063230217187,"flow_dst_last_pkt_time":1686063230217187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686063230217187,"l3_proto":"ip4","src_ip":"16.100.83.145","dst_ip":"90.147.171.51","src_port":60232,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1002,17 +1002,17 @@ 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":211,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686063784551832,"flow_src_last_pkt_time":1686063784551832,"flow_dst_last_pkt_time":1686063784551832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686063784551832,"l3_proto":"ip4","src_ip":"16.99.147.146","dst_ip":"90.111.212.50","src_port":34236,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686063367901199,"flow_src_last_pkt_time":1686063367901199,"flow_dst_last_pkt_time":1686063367901199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686063784551832,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"186.112.202.53","src_port":36840,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":206,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686063230217187,"flow_src_last_pkt_time":1686063230217187,"flow_dst_last_pkt_time":1686063230217187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686063784551832,"l3_proto":"ip4","src_ip":"16.100.83.145","dst_ip":"90.147.171.51","src_port":60232,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":212,"packets-processed":211,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10923,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":208,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":208,"total-idle-flows":207,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1005,"global_ts_usec":1686065747925784} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":212,"packets-processed":211,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":10923,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":208,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":208,"total-idle-flows":207,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1005,"global_ts_usec":1686065747925784} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686065747925784,"flow_src_last_pkt_time":1686065747925784,"flow_dst_last_pkt_time":1686065747925784,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686065747925784,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.145.180.58","src_port":53230,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":209,"flow_packet_id":1,"flow_src_last_pkt_time":1686065747925784,"flow_dst_last_pkt_time":1686065747925784,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686065747925784,"pkt":"bs1PogZtPJTVQTiBCABFCAB+1DEAAO0REAC2tHiLWpG0Os\/uAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686065747925784,"flow_src_last_pkt_time":1686065747925784,"flow_dst_last_pkt_time":1686065747925784,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686065747925784,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.145.180.58","src_port":53230,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":213,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686063784551832,"flow_src_last_pkt_time":1686063784551832,"flow_dst_last_pkt_time":1686063784551832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686065747925784,"l3_proto":"ip4","src_ip":"16.99.147.146","dst_ip":"90.111.212.50","src_port":34236,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":213,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":213,"packets-processed":212,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11021,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":209,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":209,"total-idle-flows":208,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1010,"global_ts_usec":1686066398914580} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":213,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":213,"packets-processed":212,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11021,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":209,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":209,"total-idle-flows":208,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1010,"global_ts_usec":1686066398914580} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":213,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":210,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686066398914580,"flow_src_last_pkt_time":1686066398914580,"flow_dst_last_pkt_time":1686066398914580,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686066398914580,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.141.37.56","src_port":38609,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":213,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":210,"flow_packet_id":1,"flow_src_last_pkt_time":1686066398914580,"flow_dst_last_pkt_time":1686066398914580,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686066398914580,"pkt":"3jHC4dyOPJTVQTiBCABFCAB+1DEAAO0REAO2tHiLWo0lOJbRAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":213,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":210,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686066398914580,"flow_src_last_pkt_time":1686066398914580,"flow_dst_last_pkt_time":1686066398914580,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686066398914580,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.141.37.56","src_port":38609,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":214,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686065747925784,"flow_src_last_pkt_time":1686065747925784,"flow_dst_last_pkt_time":1686065747925784,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686066398914580,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.145.180.58","src_port":53230,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":214,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":214,"packets-processed":213,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11119,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":210,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":210,"total-idle-flows":209,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1015,"global_ts_usec":1686067317662813} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":214,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":214,"packets-processed":213,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11119,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":210,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":210,"total-idle-flows":209,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1015,"global_ts_usec":1686067317662813} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":214,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686067317662813,"flow_src_last_pkt_time":1686067317662813,"flow_dst_last_pkt_time":1686067317662813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686067317662813,"l3_proto":"ip4","src_ip":"19.99.147.148","dst_ip":"165.114.202.61","src_port":36797,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":214,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":211,"flow_packet_id":1,"flow_src_last_pkt_time":1686067317662813,"flow_dst_last_pkt_time":1686067317662813,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686067317662813,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpSUTY5OUpXLKPY+9AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":214,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686067317662813,"flow_src_last_pkt_time":1686067317662813,"flow_dst_last_pkt_time":1686067317662813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686067317662813,"l3_proto":"ip4","src_ip":"19.99.147.148","dst_ip":"165.114.202.61","src_port":36797,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1021,17 +1021,17 @@ 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":215,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":212,"flow_packet_id":1,"flow_src_last_pkt_time":1686067699688902,"flow_dst_last_pkt_time":1686067699688902,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686067699688902,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAO0RqiQtg6GYpZBUPo+PAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":215,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":212,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686067699688902,"flow_src_last_pkt_time":1686067699688902,"flow_dst_last_pkt_time":1686067699688902,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686067699688902,"l3_proto":"ip4","src_ip":"45.131.161.152","dst_ip":"165.144.84.62","src_port":36751,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":216,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686067317662813,"flow_src_last_pkt_time":1686067317662813,"flow_dst_last_pkt_time":1686067317662813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686067699688902,"l3_proto":"ip4","src_ip":"19.99.147.148","dst_ip":"165.114.202.61","src_port":36797,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":216,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":216,"packets-processed":215,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11315,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":212,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":212,"total-idle-flows":211,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1024,"global_ts_usec":1686071042176869} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":216,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":216,"packets-processed":215,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11315,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":212,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":212,"total-idle-flows":211,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1024,"global_ts_usec":1686071042176869} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":216,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686071042176869,"flow_src_last_pkt_time":1686071042176869,"flow_dst_last_pkt_time":1686071042176869,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686071042176869,"l3_proto":"ip4","src_ip":"45.100.140.153","dst_ip":"74.111.203.55","src_port":54538,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":216,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":213,"flow_packet_id":1,"flow_src_last_pkt_time":1686071042176869,"flow_dst_last_pkt_time":1686071042176869,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686071042176869,"pkt":"ipffLU2SPJTVQTiBCABFCAB+1DEAAO0RqiwtZIyZSm\/LN9UKAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":216,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686071042176869,"flow_src_last_pkt_time":1686071042176869,"flow_dst_last_pkt_time":1686071042176869,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686071042176869,"l3_proto":"ip4","src_ip":"45.100.140.153","dst_ip":"74.111.203.55","src_port":54538,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":212,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686067699688902,"flow_src_last_pkt_time":1686067699688902,"flow_dst_last_pkt_time":1686067699688902,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686071042176869,"l3_proto":"ip4","src_ip":"45.131.161.152","dst_ip":"165.144.84.62","src_port":36751,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":217,"packets-processed":216,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11413,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":213,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":213,"total-idle-flows":212,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1029,"global_ts_usec":1686075500413977} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":217,"packets-processed":216,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11413,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":213,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":213,"total-idle-flows":212,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1029,"global_ts_usec":1686075500413977} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":214,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686075500413977,"flow_src_last_pkt_time":1686075500413977,"flow_dst_last_pkt_time":1686075500413977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686075500413977,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"90.141.37.56","src_port":26355,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":214,"flow_packet_id":1,"flow_src_last_pkt_time":1686075500413977,"flow_dst_last_pkt_time":1686075500413977,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686075500413977,"pkt":"3jHC4dyOPJTVQTiBCABFCABLp64AACQRHLRnR5LeWo0lOGbzAasAN7aJAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":214,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686075500413977,"flow_src_last_pkt_time":1686075500413977,"flow_dst_last_pkt_time":1686075500413977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686075500413977,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"90.141.37.56","src_port":26355,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":218,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686071042176869,"flow_src_last_pkt_time":1686071042176869,"flow_dst_last_pkt_time":1686071042176869,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686075500413977,"l3_proto":"ip4","src_ip":"45.100.140.153","dst_ip":"74.111.203.55","src_port":54538,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":218,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":218,"packets-processed":217,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11460,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":214,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":214,"total-idle-flows":213,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1034,"global_ts_usec":1686081952749133} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":218,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":218,"packets-processed":217,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11460,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":214,"total-detection-updates":0,"total-updates":37,"current-active-flows":1,"total-active-flows":214,"total-idle-flows":213,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1034,"global_ts_usec":1686081952749133} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":218,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":215,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686081952749133,"flow_src_last_pkt_time":1686081952749133,"flow_dst_last_pkt_time":1686081952749133,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686081952749133,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"90.147.171.51","src_port":64387,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":218,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":215,"flow_packet_id":1,"flow_src_last_pkt_time":1686081952749133,"flow_dst_last_pkt_time":1686081952749133,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686081952749133,"pkt":"AAwp30Y4PJTVQTiBCABFCABLEn4AACQRsepnR5LeWpOrM\/uDAasANyH\/AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":218,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":215,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686081952749133,"flow_src_last_pkt_time":1686081952749133,"flow_dst_last_pkt_time":1686081952749133,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686081952749133,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"90.147.171.51","src_port":64387,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1040,7 +1040,7 @@ 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":219,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":216,"flow_packet_id":1,"flow_src_last_pkt_time":1686082067713083,"flow_dst_last_pkt_time":1686082067713083,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686082067713083,"pkt":"AAwp30Y4PJTVQTiBCABFCABLYc8AACIRaN1kOJtwWm\/UMs+KAasAN1I8AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":219,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":216,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082067713083,"flow_src_last_pkt_time":1686082067713083,"flow_dst_last_pkt_time":1686082067713083,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686082067713083,"l3_proto":"ip4","src_ip":"100.56.155.112","dst_ip":"90.111.212.50","src_port":53130,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":220,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":215,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686081952749133,"flow_src_last_pkt_time":1686081952749133,"flow_dst_last_pkt_time":1686081952749133,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686082067713083,"l3_proto":"ip4","src_ip":"103.71.146.222","dst_ip":"90.147.171.51","src_port":64387,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":220,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":220,"packets-processed":219,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11554,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":216,"total-detection-updates":0,"total-updates":38,"current-active-flows":2,"total-active-flows":216,"total-idle-flows":214,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1043,"global_ts_usec":1686082597517294} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":220,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":220,"packets-processed":219,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11554,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":216,"total-detection-updates":0,"total-updates":38,"current-active-flows":2,"total-active-flows":216,"total-idle-flows":214,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1043,"global_ts_usec":1686082597517294} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":220,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082597517294,"flow_src_last_pkt_time":1686082597517294,"flow_dst_last_pkt_time":1686082597517294,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686082597517294,"l3_proto":"ip4","src_ip":"186.27.5.237","dst_ip":"90.147.171.51","src_port":51315,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":220,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":217,"flow_packet_id":1,"flow_src_last_pkt_time":1686082597517294,"flow_dst_last_pkt_time":1686082597517294,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686082597517294,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbe66GwXtWpOrM8hzAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":220,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082597517294,"flow_src_last_pkt_time":1686082597517294,"flow_dst_last_pkt_time":1686082597517294,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686082597517294,"l3_proto":"ip4","src_ip":"186.27.5.237","dst_ip":"90.147.171.51","src_port":51315,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1050,43 +1050,43 @@ 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":221,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":218,"flow_packet_id":1,"flow_src_last_pkt_time":1686082771466382,"flow_dst_last_pkt_time":1686082771466382,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686082771466382,"pkt":"moT+\/Ph8PJTVQTiBCABFCABL6nUAACIR4DqnB5p9VW80OSAcAasANwGvAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":221,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":218,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082771466382,"flow_src_last_pkt_time":1686082771466382,"flow_dst_last_pkt_time":1686082771466382,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686082771466382,"l3_proto":"ip4","src_ip":"167.7.154.125","dst_ip":"85.111.52.57","src_port":8220,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":222,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082597517294,"flow_src_last_pkt_time":1686082597517294,"flow_dst_last_pkt_time":1686082597517294,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686082771466382,"l3_proto":"ip4","src_ip":"186.27.5.237","dst_ip":"90.147.171.51","src_port":51315,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":222,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":222,"packets-processed":221,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11630,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":218,"total-detection-updates":0,"total-updates":39,"current-active-flows":2,"total-active-flows":218,"total-idle-flows":216,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1053,"global_ts_usec":1686085137783742} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":222,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":222,"packets-processed":221,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11630,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":218,"total-detection-updates":0,"total-updates":39,"current-active-flows":2,"total-active-flows":218,"total-idle-flows":216,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1053,"global_ts_usec":1686085137783742} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":222,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686085137783742,"flow_src_last_pkt_time":1686085137783742,"flow_dst_last_pkt_time":1686085137783742,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686085137783742,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"85.111.52.57","src_port":59003,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":222,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":219,"flow_packet_id":1,"flow_src_last_pkt_time":1686085137783742,"flow_dst_last_pkt_time":1686085137783742,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686085137783742,"pkt":"moT+\/Ph8PJTVQTiBCABFAAB+1DEAAPIRpSUuZGGTVW80OeZ7AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":222,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686085137783742,"flow_src_last_pkt_time":1686085137783742,"flow_dst_last_pkt_time":1686085137783742,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686085137783742,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"85.111.52.57","src_port":59003,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":223,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":218,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082771466382,"flow_src_last_pkt_time":1686082771466382,"flow_dst_last_pkt_time":1686082771466382,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686085137783742,"l3_proto":"ip4","src_ip":"167.7.154.125","dst_ip":"85.111.52.57","src_port":8220,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":223,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686082597517294,"flow_src_last_pkt_time":1686082597517294,"flow_dst_last_pkt_time":1686082597517294,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686085137783742,"l3_proto":"ip4","src_ip":"186.27.5.237","dst_ip":"90.147.171.51","src_port":51315,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":223,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":223,"packets-processed":222,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11728,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":219,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":219,"total-idle-flows":218,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1059,"global_ts_usec":1686086498336760} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":223,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":223,"packets-processed":222,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11728,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":219,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":219,"total-idle-flows":218,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1059,"global_ts_usec":1686086498336760} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":223,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686086498336760,"flow_src_last_pkt_time":1686086498336760,"flow_dst_last_pkt_time":1686086498336760,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686086498336760,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"90.141.37.56","src_port":35493,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":223,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":220,"flow_packet_id":1,"flow_src_last_pkt_time":1686086498336760,"flow_dst_last_pkt_time":1686086498336760,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686086498336760,"pkt":"3jHC4dyOPJTVQTiBCABFAABSWVwAAG0Ru0FDnxCWWo0lOIqlAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":223,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686086498336760,"flow_src_last_pkt_time":1686086498336760,"flow_dst_last_pkt_time":1686086498336760,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686086498336760,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"90.141.37.56","src_port":35493,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":224,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686085137783742,"flow_src_last_pkt_time":1686085137783742,"flow_dst_last_pkt_time":1686085137783742,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686086498336760,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"85.111.52.57","src_port":59003,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":224,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":224,"packets-processed":223,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11782,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":220,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":220,"total-idle-flows":219,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1064,"global_ts_usec":1686087364946144} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":224,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":224,"packets-processed":223,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11782,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":220,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":220,"total-idle-flows":219,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1064,"global_ts_usec":1686087364946144} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":224,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686087364946144,"flow_src_last_pkt_time":1686087364946144,"flow_dst_last_pkt_time":1686087364946144,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686087364946144,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"69.109.187.54","src_port":35856,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":224,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":221,"flow_packet_id":1,"flow_src_last_pkt_time":1686087364946144,"flow_dst_last_pkt_time":1686087364946144,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686087364946144,"pkt":"bpHurUgdPJTVQTiBCABFAABS0PQAAG4RQqxDnxCWRW27NowQAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":224,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686087364946144,"flow_src_last_pkt_time":1686087364946144,"flow_dst_last_pkt_time":1686087364946144,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686087364946144,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"69.109.187.54","src_port":35856,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":225,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686086498336760,"flow_src_last_pkt_time":1686086498336760,"flow_dst_last_pkt_time":1686086498336760,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686087364946144,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"90.141.37.56","src_port":35493,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":225,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":225,"packets-processed":224,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11836,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":221,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":221,"total-idle-flows":220,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1069,"global_ts_usec":1686088327419270} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":225,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":225,"packets-processed":224,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11836,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":221,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":221,"total-idle-flows":220,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1069,"global_ts_usec":1686088327419270} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":225,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686088327419270,"flow_src_last_pkt_time":1686088327419270,"flow_dst_last_pkt_time":1686088327419270,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686088327419270,"l3_proto":"ip4","src_ip":"34.220.38.0","dst_ip":"186.112.202.53","src_port":54720,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":225,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":222,"flow_packet_id":1,"flow_src_last_pkt_time":1686088327419270,"flow_dst_last_pkt_time":1686088327419270,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686088327419270,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPoRbDEi3CYAunDKNdXAAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00949{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":225,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686088327419270,"flow_src_last_pkt_time":1686088327419270,"flow_dst_last_pkt_time":1686088327419270,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686088327419270,"l3_proto":"ip4","src_ip":"34.220.38.0","dst_ip":"186.112.202.53","src_port":54720,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":226,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686087364946144,"flow_src_last_pkt_time":1686087364946144,"flow_dst_last_pkt_time":1686087364946144,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686088327419270,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"69.109.187.54","src_port":35856,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":226,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":226,"packets-processed":225,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11865,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":222,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":222,"total-idle-flows":221,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1074,"global_ts_usec":1686095963626743} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":226,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":226,"packets-processed":225,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11865,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":222,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":222,"total-idle-flows":221,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1074,"global_ts_usec":1686095963626743} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":226,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":223,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686095963626743,"flow_src_last_pkt_time":1686095963626743,"flow_dst_last_pkt_time":1686095963626743,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686095963626743,"l3_proto":"ip4","src_ip":"173.49.159.50","dst_ip":"74.111.203.55","src_port":54834,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":226,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":223,"flow_packet_id":1,"flow_src_last_pkt_time":1686095963626743,"flow_dst_last_pkt_time":1686095963626743,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686095963626743,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPoRXnWtMZ8ySm\/LN9YyAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":226,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":223,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686095963626743,"flow_src_last_pkt_time":1686095963626743,"flow_dst_last_pkt_time":1686095963626743,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686095963626743,"l3_proto":"ip4","src_ip":"173.49.159.50","dst_ip":"74.111.203.55","src_port":54834,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":227,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686088327419270,"flow_src_last_pkt_time":1686088327419270,"flow_dst_last_pkt_time":1686088327419270,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686095963626743,"l3_proto":"ip4","src_ip":"34.220.38.0","dst_ip":"186.112.202.53","src_port":54720,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":227,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":227,"packets-processed":226,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11894,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":223,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":223,"total-idle-flows":222,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1079,"global_ts_usec":1686100690494262} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":227,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":227,"packets-processed":226,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11894,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":223,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":223,"total-idle-flows":222,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1079,"global_ts_usec":1686100690494262} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":227,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":224,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686100690494262,"flow_src_last_pkt_time":1686100690494262,"flow_dst_last_pkt_time":1686100690494262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686100690494262,"l3_proto":"ip4","src_ip":"206.17.216.171","dst_ip":"69.109.187.54","src_port":53625,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":227,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":224,"flow_packet_id":1,"flow_src_last_pkt_time":1686100690494262,"flow_dst_last_pkt_time":1686100690494262,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686100690494262,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPkRYB3OEdirRW27NtF5AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":227,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":224,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686100690494262,"flow_src_last_pkt_time":1686100690494262,"flow_dst_last_pkt_time":1686100690494262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686100690494262,"l3_proto":"ip4","src_ip":"206.17.216.171","dst_ip":"69.109.187.54","src_port":53625,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":228,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":223,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686095963626743,"flow_src_last_pkt_time":1686095963626743,"flow_dst_last_pkt_time":1686095963626743,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686100690494262,"l3_proto":"ip4","src_ip":"173.49.159.50","dst_ip":"74.111.203.55","src_port":54834,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":228,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":228,"packets-processed":227,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11923,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":224,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":224,"total-idle-flows":223,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1084,"global_ts_usec":1686102050692991} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":228,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":228,"packets-processed":227,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11923,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":224,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":224,"total-idle-flows":223,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1084,"global_ts_usec":1686102050692991} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":228,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":225,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102050692991,"flow_src_last_pkt_time":1686102050692991,"flow_dst_last_pkt_time":1686102050692991,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102050692991,"l3_proto":"ip4","src_ip":"64.56.203.178","dst_ip":"74.111.203.55","src_port":42341,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":228,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":225,"flow_packet_id":1,"flow_src_last_pkt_time":1686102050692991,"flow_dst_last_pkt_time":1686102050692991,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686102050692991,"pkt":"ipffLU2SPJTVQTiBCABFAAA+KfdAADQRdt1AOMuySm\/LN6VlAasAKiQrAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":228,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":225,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102050692991,"flow_src_last_pkt_time":1686102050692991,"flow_dst_last_pkt_time":1686102050692991,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102050692991,"l3_proto":"ip4","src_ip":"64.56.203.178","dst_ip":"74.111.203.55","src_port":42341,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":224,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686100690494262,"flow_src_last_pkt_time":1686100690494262,"flow_dst_last_pkt_time":1686100690494262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102050692991,"l3_proto":"ip4","src_ip":"206.17.216.171","dst_ip":"69.109.187.54","src_port":53625,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":229,"packets-processed":228,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11957,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":225,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":225,"total-idle-flows":224,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1089,"global_ts_usec":1686102672425183} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":229,"packets-processed":228,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":11957,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":225,"total-detection-updates":0,"total-updates":39,"current-active-flows":1,"total-active-flows":225,"total-idle-flows":224,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1089,"global_ts_usec":1686102672425183} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102672425183,"flow_src_last_pkt_time":1686102672425183,"flow_dst_last_pkt_time":1686102672425183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102672425183,"l3_proto":"ip4","src_ip":"166.70.59.181","dst_ip":"90.111.212.50","src_port":46093,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":226,"flow_packet_id":1,"flow_src_last_pkt_time":1686102672425183,"flow_dst_last_pkt_time":1686102672425183,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686102672425183,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+Lo9AADQRckmmRju1Wm\/UMrQNAasAKhWHAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102672425183,"flow_src_last_pkt_time":1686102672425183,"flow_dst_last_pkt_time":1686102672425183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686102672425183,"l3_proto":"ip4","src_ip":"166.70.59.181","dst_ip":"90.111.212.50","src_port":46093,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1110,12 +1110,12 @@ 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":233,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":230,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686103250321132,"flow_src_last_pkt_time":1686103250321132,"flow_dst_last_pkt_time":1686103250321132,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103250321132,"l3_proto":"ip4","src_ip":"184.199.219.188","dst_ip":"90.141.37.56","src_port":30639,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":229,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686103038730179,"flow_src_last_pkt_time":1686103038730179,"flow_dst_last_pkt_time":1686103038730179,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103250321132,"l3_proto":"ip4","src_ip":"88.192.213.176","dst_ip":"165.114.202.61","src_port":63574,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686102873592315,"flow_src_last_pkt_time":1686102873592315,"flow_dst_last_pkt_time":1686102873592315,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103250321132,"l3_proto":"ip4","src_ip":"33.26.187.87","dst_ip":"90.141.37.56","src_port":52761,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":234,"packets-processed":233,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12122,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":230,"total-detection-updates":0,"total-updates":42,"current-active-flows":1,"total-active-flows":230,"total-idle-flows":229,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1113,"global_ts_usec":1686103373634504} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":234,"packets-processed":233,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12122,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":230,"total-detection-updates":0,"total-updates":42,"current-active-flows":1,"total-active-flows":230,"total-idle-flows":229,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1113,"global_ts_usec":1686103373634504} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":231,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686103373634504,"flow_src_last_pkt_time":1686103373634504,"flow_dst_last_pkt_time":1686103373634504,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103373634504,"l3_proto":"ip4","src_ip":"166.199.219.182","dst_ip":"69.109.187.54","src_port":28881,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":231,"flow_packet_id":1,"flow_src_last_pkt_time":1686103373634504,"flow_dst_last_pkt_time":1686103373634504,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686103373634504,"pkt":"bpHurUgdPJTVQTiBCABFAAA+HIVAADQRhFKmx9u2RW27NnDRAasAKljCAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":231,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686103373634504,"flow_src_last_pkt_time":1686103373634504,"flow_dst_last_pkt_time":1686103373634504,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103373634504,"l3_proto":"ip4","src_ip":"166.199.219.182","dst_ip":"69.109.187.54","src_port":28881,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":235,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":230,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686103250321132,"flow_src_last_pkt_time":1686103250321132,"flow_dst_last_pkt_time":1686103250321132,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686103373634504,"l3_proto":"ip4","src_ip":"184.199.219.188","dst_ip":"90.141.37.56","src_port":30639,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":235,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":235,"packets-processed":234,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12156,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":231,"total-detection-updates":0,"total-updates":43,"current-active-flows":2,"total-active-flows":231,"total-idle-flows":229,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1118,"global_ts_usec":1686104038936046} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":235,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":235,"packets-processed":234,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12156,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":231,"total-detection-updates":0,"total-updates":43,"current-active-flows":2,"total-active-flows":231,"total-idle-flows":229,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1118,"global_ts_usec":1686104038936046} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":235,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104038936046,"flow_src_last_pkt_time":1686104038936046,"flow_dst_last_pkt_time":1686104038936046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104038936046,"l3_proto":"ip4","src_ip":"95.64.196.186","dst_ip":"186.112.202.53","src_port":18841,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":235,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":232,"flow_packet_id":1,"flow_src_last_pkt_time":1686104038936046,"flow_dst_last_pkt_time":1686104038936046,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686104038936046,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+0DtAADQR0JFfQMS6unDKNUmZAasAKn\/wAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":235,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104038936046,"flow_src_last_pkt_time":1686104038936046,"flow_dst_last_pkt_time":1686104038936046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104038936046,"l3_proto":"ip4","src_ip":"95.64.196.186","dst_ip":"186.112.202.53","src_port":18841,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1125,22 +1125,22 @@ 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":236,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":233,"flow_packet_id":1,"flow_src_last_pkt_time":1686104544084969,"flow_dst_last_pkt_time":1686104544084969,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686104544084969,"pkt":"bs1PogZtPJTVQTiBCABFAAA+LfFAADQRctlYP9q4WpG0OsdTAasAKgIzAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":236,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104544084969,"flow_src_last_pkt_time":1686104544084969,"flow_dst_last_pkt_time":1686104544084969,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104544084969,"l3_proto":"ip4","src_ip":"88.63.218.184","dst_ip":"90.145.180.58","src_port":51027,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":237,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104038936046,"flow_src_last_pkt_time":1686104038936046,"flow_dst_last_pkt_time":1686104038936046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104544084969,"l3_proto":"ip4","src_ip":"95.64.196.186","dst_ip":"186.112.202.53","src_port":18841,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":237,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":237,"packets-processed":236,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12224,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":233,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":233,"total-idle-flows":232,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1128,"global_ts_usec":1686104819369835} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":237,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":237,"packets-processed":236,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12224,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":233,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":233,"total-idle-flows":232,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1128,"global_ts_usec":1686104819369835} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":237,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104819369835,"flow_src_last_pkt_time":1686104819369835,"flow_dst_last_pkt_time":1686104819369835,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104819369835,"l3_proto":"ip4","src_ip":"71.64.36.183","dst_ip":"85.111.52.57","src_port":57381,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":237,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":234,"flow_packet_id":1,"flow_src_last_pkt_time":1686104819369835,"flow_dst_last_pkt_time":1686104819369835,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686104819369835,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+9FFAADQRrIJHQCS3VW80OeAlAasAKulqAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":237,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104819369835,"flow_src_last_pkt_time":1686104819369835,"flow_dst_last_pkt_time":1686104819369835,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104819369835,"l3_proto":"ip4","src_ip":"71.64.36.183","dst_ip":"85.111.52.57","src_port":57381,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":238,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104544084969,"flow_src_last_pkt_time":1686104544084969,"flow_dst_last_pkt_time":1686104544084969,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686104819369835,"l3_proto":"ip4","src_ip":"88.63.218.184","dst_ip":"90.145.180.58","src_port":51027,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":238,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":238,"packets-processed":237,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12258,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":234,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":234,"total-idle-flows":233,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1133,"global_ts_usec":1686109686670972} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":238,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":238,"packets-processed":237,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12258,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":234,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":234,"total-idle-flows":233,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1133,"global_ts_usec":1686109686670972} 00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":238,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686109686670972,"flow_src_last_pkt_time":1686109686670972,"flow_dst_last_pkt_time":1686109686670972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686109686670972,"l3_proto":"ip4","src_ip":"165.211.188.239","dst_ip":"165.114.202.61","src_port":50862,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":238,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":235,"flow_packet_id":1,"flow_src_last_pkt_time":1686109686670972,"flow_dst_last_pkt_time":1686109686670972,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686109686670972,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbeWl07zvpXLKPcauAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00949{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":238,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686109686670972,"flow_src_last_pkt_time":1686109686670972,"flow_dst_last_pkt_time":1686109686670972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686109686670972,"l3_proto":"ip4","src_ip":"165.211.188.239","dst_ip":"165.114.202.61","src_port":50862,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":239,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686104819369835,"flow_src_last_pkt_time":1686104819369835,"flow_dst_last_pkt_time":1686104819369835,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686109686670972,"l3_proto":"ip4","src_ip":"71.64.36.183","dst_ip":"85.111.52.57","src_port":57381,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":239,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":239,"packets-processed":238,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12287,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":235,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":235,"total-idle-flows":234,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1138,"global_ts_usec":1686115314323562} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":239,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":239,"packets-processed":238,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12287,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":235,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":235,"total-idle-flows":234,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1138,"global_ts_usec":1686115314323562} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":239,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686115314323562,"flow_src_last_pkt_time":1686115314323562,"flow_dst_last_pkt_time":1686115314323562,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686115314323562,"l3_proto":"ip4","src_ip":"31.0.154.114","dst_ip":"90.141.37.56","src_port":31214,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":239,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":236,"flow_packet_id":1,"flow_src_last_pkt_time":1686115314323562,"flow_dst_last_pkt_time":1686115314323562,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686115314323562,"pkt":"3jHC4dyOPJTVQTiBCABFCABLy\/0AACIR\/qsfAJpyWo0lOHnuAasAN6fVAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":239,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686115314323562,"flow_src_last_pkt_time":1686115314323562,"flow_dst_last_pkt_time":1686115314323562,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686115314323562,"l3_proto":"ip4","src_ip":"31.0.154.114","dst_ip":"90.141.37.56","src_port":31214,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":240,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686109686670972,"flow_src_last_pkt_time":1686109686670972,"flow_dst_last_pkt_time":1686109686670972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686115314323562,"l3_proto":"ip4","src_ip":"165.211.188.239","dst_ip":"165.114.202.61","src_port":50862,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":240,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":240,"packets-processed":239,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12334,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":236,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":236,"total-idle-flows":235,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1143,"global_ts_usec":1686120842599135} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":240,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":240,"packets-processed":239,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12334,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":236,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":236,"total-idle-flows":235,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1143,"global_ts_usec":1686120842599135} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":240,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":237,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686120842599135,"flow_src_last_pkt_time":1686120842599135,"flow_dst_last_pkt_time":1686120842599135,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686120842599135,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"165.144.84.62","src_port":19055,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":240,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":237,"flow_packet_id":1,"flow_src_last_pkt_time":1686120842599135,"flow_dst_last_pkt_time":1686120842599135,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686120842599135,"pkt":"AAwp30Y4PJTVQTiBCABFAABLInYAACcRsKcid3p+pZBUPkpvAasAN+TAAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":240,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":237,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686120842599135,"flow_src_last_pkt_time":1686120842599135,"flow_dst_last_pkt_time":1686120842599135,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686120842599135,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"165.144.84.62","src_port":19055,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1149,38 +1149,38 @@ 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":241,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":238,"flow_packet_id":1,"flow_src_last_pkt_time":1686121348877532,"flow_dst_last_pkt_time":1686121348877532,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686121348877532,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPoRbQ1Z1jiBVW80OcXLAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":241,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686121348877532,"flow_src_last_pkt_time":1686121348877532,"flow_dst_last_pkt_time":1686121348877532,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686121348877532,"l3_proto":"ip4","src_ip":"89.214.56.129","dst_ip":"85.111.52.57","src_port":50635,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":242,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":237,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686120842599135,"flow_src_last_pkt_time":1686120842599135,"flow_dst_last_pkt_time":1686120842599135,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686121348877532,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"165.144.84.62","src_port":19055,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":242,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":242,"packets-processed":241,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12410,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":238,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":238,"total-idle-flows":237,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1152,"global_ts_usec":1686122375311586} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":242,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":242,"packets-processed":241,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12410,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":238,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":238,"total-idle-flows":237,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1152,"global_ts_usec":1686122375311586} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":242,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686122375311586,"flow_src_last_pkt_time":1686122375311586,"flow_dst_last_pkt_time":1686122375311586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686122375311586,"l3_proto":"ip4","src_ip":"193.209.38.96","dst_ip":"90.111.212.50","src_port":56783,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":242,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":239,"flow_packet_id":1,"flow_src_last_pkt_time":1686122375311586,"flow_dst_last_pkt_time":1686122375311586,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686122375311586,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbJLB0SZgWm\/UMt3PAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":242,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686122375311586,"flow_src_last_pkt_time":1686122375311586,"flow_dst_last_pkt_time":1686122375311586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686122375311586,"l3_proto":"ip4","src_ip":"193.209.38.96","dst_ip":"90.111.212.50","src_port":56783,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":243,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686121348877532,"flow_src_last_pkt_time":1686121348877532,"flow_dst_last_pkt_time":1686121348877532,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686122375311586,"l3_proto":"ip4","src_ip":"89.214.56.129","dst_ip":"85.111.52.57","src_port":50635,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":243,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":243,"packets-processed":242,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12439,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":239,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":239,"total-idle-flows":238,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1157,"global_ts_usec":1686127609854442} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":243,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":243,"packets-processed":242,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12439,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":239,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":239,"total-idle-flows":238,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1157,"global_ts_usec":1686127609854442} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":243,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686127609854442,"flow_src_last_pkt_time":1686127609854442,"flow_dst_last_pkt_time":1686127609854442,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686127609854442,"l3_proto":"ip4","src_ip":"34.16.223.107","dst_ip":"165.144.84.62","src_port":49482,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":243,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":240,"flow_packet_id":1,"flow_src_last_pkt_time":1686127609854442,"flow_dst_last_pkt_time":1686127609854442,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686127609854442,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbJQiEN9rpZBUPsFKAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00952{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":243,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686127609854442,"flow_src_last_pkt_time":1686127609854442,"flow_dst_last_pkt_time":1686127609854442,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686127609854442,"l3_proto":"ip4","src_ip":"34.16.223.107","dst_ip":"165.144.84.62","src_port":49482,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":244,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686122375311586,"flow_src_last_pkt_time":1686122375311586,"flow_dst_last_pkt_time":1686122375311586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686127609854442,"l3_proto":"ip4","src_ip":"193.209.38.96","dst_ip":"90.111.212.50","src_port":56783,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":244,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":244,"packets-processed":243,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12468,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":240,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":240,"total-idle-flows":239,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1162,"global_ts_usec":1686147000405705} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":244,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":244,"packets-processed":243,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12468,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":240,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":240,"total-idle-flows":239,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1162,"global_ts_usec":1686147000405705} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":244,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686147000405705,"flow_src_last_pkt_time":1686147000405705,"flow_dst_last_pkt_time":1686147000405705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686147000405705,"l3_proto":"ip4","src_ip":"235.96.127.30","dst_ip":"165.144.84.62","src_port":30596,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":244,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":241,"flow_packet_id":1,"flow_src_last_pkt_time":1686147000405705,"flow_dst_last_pkt_time":1686147000405705,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686147000405705,"pkt":"AAwp30Y4PJTVQTiBCABFAABSc4QAADIRDzbrYH8epZBUPneEAasAPgRJAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":244,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686147000405705,"flow_src_last_pkt_time":1686147000405705,"flow_dst_last_pkt_time":1686147000405705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686147000405705,"l3_proto":"ip4","src_ip":"235.96.127.30","dst_ip":"165.144.84.62","src_port":30596,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":245,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":241,"flow_packet_id":2,"flow_src_last_pkt_time":1686147000405720,"flow_dst_last_pkt_time":1686147000405705,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686147000405720,"pkt":"AAwp30Y4PJTVQTiBCABFAABSc4QAADIRDzbrYH8epZBUPneEAasAPgRJAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00991{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":246,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686127609854442,"flow_src_last_pkt_time":1686127609854442,"flow_dst_last_pkt_time":1686127609854442,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686147000405720,"l3_proto":"ip4","src_ip":"34.16.223.107","dst_ip":"165.144.84.62","src_port":49482,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":246,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":246,"packets-processed":245,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12576,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":241,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":241,"total-idle-flows":240,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1168,"global_ts_usec":1686148169982093} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":246,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":246,"packets-processed":245,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12576,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":241,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":241,"total-idle-flows":240,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1168,"global_ts_usec":1686148169982093} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":246,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686148169982093,"flow_src_last_pkt_time":1686148169982093,"flow_dst_last_pkt_time":1686148169982093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686148169982093,"l3_proto":"ip4","src_ip":"154.96.5.121","dst_ip":"74.111.203.55","src_port":30879,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":246,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":242,"flow_packet_id":1,"flow_src_last_pkt_time":1686148169982093,"flow_dst_last_pkt_time":1686148169982093,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686148169982093,"pkt":"ipffLU2SPJTVQTiBCABFAABL+PEAACcR2jmaYAV5Sm\/LN3ifAasAN7aeAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":246,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686148169982093,"flow_src_last_pkt_time":1686148169982093,"flow_dst_last_pkt_time":1686148169982093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686148169982093,"l3_proto":"ip4","src_ip":"154.96.5.121","dst_ip":"74.111.203.55","src_port":30879,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":247,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1686147000405705,"flow_src_last_pkt_time":1686147000405720,"flow_dst_last_pkt_time":1686147000405705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":108,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686148169982093,"l3_proto":"ip4","src_ip":"235.96.127.30","dst_ip":"165.144.84.62","src_port":30596,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":247,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":247,"packets-processed":246,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12623,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":242,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":242,"total-idle-flows":241,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1173,"global_ts_usec":1686150111716704} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":247,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":247,"packets-processed":246,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12623,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":242,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":242,"total-idle-flows":241,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1173,"global_ts_usec":1686150111716704} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":247,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686150111716704,"flow_src_last_pkt_time":1686150111716704,"flow_dst_last_pkt_time":1686150111716704,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686150111716704,"l3_proto":"ip4","src_ip":"208.123.176.154","dst_ip":"90.141.37.56","src_port":53775,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":247,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":243,"flow_packet_id":1,"flow_src_last_pkt_time":1686150111716704,"flow_dst_last_pkt_time":1686150111716704,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686150111716704,"pkt":"3jHC4dyOPJTVQTiBCABFAAB+1DEAAPIRpS\/Qe7CaWo0lONIPAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":247,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686150111716704,"flow_src_last_pkt_time":1686150111716704,"flow_dst_last_pkt_time":1686150111716704,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686150111716704,"l3_proto":"ip4","src_ip":"208.123.176.154","dst_ip":"90.141.37.56","src_port":53775,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":248,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686148169982093,"flow_src_last_pkt_time":1686148169982093,"flow_dst_last_pkt_time":1686148169982093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686150111716704,"l3_proto":"ip4","src_ip":"154.96.5.121","dst_ip":"74.111.203.55","src_port":30879,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":248,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":248,"packets-processed":247,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12721,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":243,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":243,"total-idle-flows":242,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1178,"global_ts_usec":1686151018568427} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":248,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":248,"packets-processed":247,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12721,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":243,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":243,"total-idle-flows":242,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1178,"global_ts_usec":1686151018568427} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":248,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686151018568427,"flow_src_last_pkt_time":1686151018568427,"flow_dst_last_pkt_time":1686151018568427,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686151018568427,"l3_proto":"ip4","src_ip":"236.131.82.145","dst_ip":"69.109.187.54","src_port":40660,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":248,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":244,"flow_packet_id":1,"flow_src_last_pkt_time":1686151018568427,"flow_dst_last_pkt_time":1686151018568427,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686151018568427,"pkt":"bpHurUgdPJTVQTiBCABFAAB+1DEAAPMRpSvsg1KRRW27Np7UAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":248,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686151018568427,"flow_src_last_pkt_time":1686151018568427,"flow_dst_last_pkt_time":1686151018568427,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686151018568427,"l3_proto":"ip4","src_ip":"236.131.82.145","dst_ip":"69.109.187.54","src_port":40660,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":249,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686150111716704,"flow_src_last_pkt_time":1686150111716704,"flow_dst_last_pkt_time":1686150111716704,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686151018568427,"l3_proto":"ip4","src_ip":"208.123.176.154","dst_ip":"90.141.37.56","src_port":53775,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":249,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":249,"packets-processed":248,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12819,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":244,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":244,"total-idle-flows":243,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1183,"global_ts_usec":1686152692161183} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":249,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":249,"packets-processed":248,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":12819,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":244,"total-detection-updates":0,"total-updates":43,"current-active-flows":1,"total-active-flows":244,"total-idle-flows":243,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1183,"global_ts_usec":1686152692161183} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":249,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686152692161183,"flow_src_last_pkt_time":1686152692161183,"flow_dst_last_pkt_time":1686152692161183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686152692161183,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"74.111.203.55","src_port":47749,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":249,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":245,"flow_packet_id":1,"flow_src_last_pkt_time":1686152692161183,"flow_dst_last_pkt_time":1686152692161183,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686152692161183,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAPIRpTITnLybSm\/LN7qFAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":249,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686152692161183,"flow_src_last_pkt_time":1686152692161183,"flow_dst_last_pkt_time":1686152692161183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686152692161183,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"74.111.203.55","src_port":47749,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1189,48 +1189,48 @@ 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":250,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":246,"flow_packet_id":1,"flow_src_last_pkt_time":1686152794742928,"flow_dst_last_pkt_time":1686152794742928,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686152794742928,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPIRpSDthLCIpZBUPoZyAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":250,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686152794742928,"flow_src_last_pkt_time":1686152794742928,"flow_dst_last_pkt_time":1686152794742928,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686152794742928,"l3_proto":"ip4","src_ip":"237.132.176.136","dst_ip":"165.144.84.62","src_port":34418,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":251,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686152692161183,"flow_src_last_pkt_time":1686152692161183,"flow_dst_last_pkt_time":1686152692161183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686152794742928,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"74.111.203.55","src_port":47749,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":251,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":251,"packets-processed":250,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13015,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":246,"total-detection-updates":0,"total-updates":44,"current-active-flows":2,"total-active-flows":246,"total-idle-flows":244,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1192,"global_ts_usec":1686157605088607} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":251,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":251,"packets-processed":250,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13015,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":246,"total-detection-updates":0,"total-updates":44,"current-active-flows":2,"total-active-flows":246,"total-idle-flows":244,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1192,"global_ts_usec":1686157605088607} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":251,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686157605088607,"flow_src_last_pkt_time":1686157605088607,"flow_dst_last_pkt_time":1686157605088607,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686157605088607,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"165.114.202.61","src_port":55189,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":251,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":247,"flow_packet_id":1,"flow_src_last_pkt_time":1686157605088607,"flow_dst_last_pkt_time":1686157605088607,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686157605088607,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAPARqCUtfJOcpXLKPdeVAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":251,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686157605088607,"flow_src_last_pkt_time":1686157605088607,"flow_dst_last_pkt_time":1686157605088607,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686157605088607,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"165.114.202.61","src_port":55189,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":252,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686152794742928,"flow_src_last_pkt_time":1686152794742928,"flow_dst_last_pkt_time":1686152794742928,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686157605088607,"l3_proto":"ip4","src_ip":"237.132.176.136","dst_ip":"165.144.84.62","src_port":34418,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":252,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686152692161183,"flow_src_last_pkt_time":1686152692161183,"flow_dst_last_pkt_time":1686152692161183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686157605088607,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"74.111.203.55","src_port":47749,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":252,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":252,"packets-processed":251,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13113,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":247,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":247,"total-idle-flows":246,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1198,"global_ts_usec":1686158302309017} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":252,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":252,"packets-processed":251,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13113,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":247,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":247,"total-idle-flows":246,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1198,"global_ts_usec":1686158302309017} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":252,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686158302309017,"flow_src_last_pkt_time":1686158302309017,"flow_dst_last_pkt_time":1686158302309017,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686158302309017,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"90.145.180.58","src_port":37873,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":252,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":248,"flow_packet_id":1,"flow_src_last_pkt_time":1686158302309017,"flow_dst_last_pkt_time":1686158302309017,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686158302309017,"pkt":"bs1PogZtPJTVQTiBCABFAAB+1DEAAO8RDclGtG\/xWpG0OpPxAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":252,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686158302309017,"flow_src_last_pkt_time":1686158302309017,"flow_dst_last_pkt_time":1686158302309017,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686158302309017,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"90.145.180.58","src_port":37873,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":253,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686157605088607,"flow_src_last_pkt_time":1686157605088607,"flow_dst_last_pkt_time":1686157605088607,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686158302309017,"l3_proto":"ip4","src_ip":"45.124.147.156","dst_ip":"165.114.202.61","src_port":55189,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":253,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":253,"packets-processed":252,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13211,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":248,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":248,"total-idle-flows":247,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1203,"global_ts_usec":1686159210157364} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":253,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":253,"packets-processed":252,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13211,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":248,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":248,"total-idle-flows":247,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1203,"global_ts_usec":1686159210157364} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":253,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686159210157364,"flow_src_last_pkt_time":1686159210157364,"flow_dst_last_pkt_time":1686159210157364,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686159210157364,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"90.111.212.50","src_port":50527,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":253,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":249,"flow_packet_id":1,"flow_src_last_pkt_time":1686159210157364,"flow_dst_last_pkt_time":1686159210157364,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686159210157364,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAPARqCwve7GaWm\/UMsVfAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00949{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":253,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686159210157364,"flow_src_last_pkt_time":1686159210157364,"flow_dst_last_pkt_time":1686159210157364,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686159210157364,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"90.111.212.50","src_port":50527,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":254,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686158302309017,"flow_src_last_pkt_time":1686158302309017,"flow_dst_last_pkt_time":1686158302309017,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686159210157364,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"90.145.180.58","src_port":37873,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":254,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":254,"packets-processed":253,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13309,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":249,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":249,"total-idle-flows":248,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1208,"global_ts_usec":1686164441587309} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":254,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":254,"packets-processed":253,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13309,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":249,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":249,"total-idle-flows":248,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1208,"global_ts_usec":1686164441587309} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":254,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686164441587309,"flow_src_last_pkt_time":1686164441587309,"flow_dst_last_pkt_time":1686164441587309,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686164441587309,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"74.111.203.55","src_port":22596,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":254,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":250,"flow_packet_id":1,"flow_src_last_pkt_time":1686164441587309,"flow_dst_last_pkt_time":1686164441587309,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686164441587309,"pkt":"ipffLU2SPJTVQTiBCABFCABLFfMAACIRtMTjx1p6Sm\/LN1hEAasAN8mNAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":254,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686164441587309,"flow_src_last_pkt_time":1686164441587309,"flow_dst_last_pkt_time":1686164441587309,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686164441587309,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"74.111.203.55","src_port":22596,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":255,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686159210157364,"flow_src_last_pkt_time":1686159210157364,"flow_dst_last_pkt_time":1686159210157364,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686164441587309,"l3_proto":"ip4","src_ip":"47.123.177.154","dst_ip":"90.111.212.50","src_port":50527,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":255,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":255,"packets-processed":254,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13356,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":250,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":250,"total-idle-flows":249,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1213,"global_ts_usec":1686172962599222} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":255,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":255,"packets-processed":254,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13356,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":250,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":250,"total-idle-flows":249,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1213,"global_ts_usec":1686172962599222} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":255,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686172962599222,"flow_src_last_pkt_time":1686172962599222,"flow_dst_last_pkt_time":1686172962599222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686172962599222,"l3_proto":"ip4","src_ip":"161.45.5.172","dst_ip":"90.147.171.51","src_port":56443,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":255,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":251,"flow_packet_id":1,"flow_src_last_pkt_time":1686172962599222,"flow_dst_last_pkt_time":1686172962599222,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686172962599222,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbgWhLQWsWpOrM9x7AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":255,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686172962599222,"flow_src_last_pkt_time":1686172962599222,"flow_dst_last_pkt_time":1686172962599222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686172962599222,"l3_proto":"ip4","src_ip":"161.45.5.172","dst_ip":"90.147.171.51","src_port":56443,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686164441587309,"flow_src_last_pkt_time":1686164441587309,"flow_dst_last_pkt_time":1686164441587309,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686172962599222,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"74.111.203.55","src_port":22596,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":256,"packets-processed":255,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13385,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":251,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":251,"total-idle-flows":250,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1218,"global_ts_usec":1686178920053120} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":256,"packets-processed":255,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13385,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":251,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":251,"total-idle-flows":250,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1218,"global_ts_usec":1686178920053120} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686178920053120,"flow_src_last_pkt_time":1686178920053120,"flow_dst_last_pkt_time":1686178920053120,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686178920053120,"l3_proto":"ip4","src_ip":"66.24.225.77","dst_ip":"85.111.52.57","src_port":55319,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":252,"flow_packet_id":1,"flow_src_last_pkt_time":1686178920053120,"flow_dst_last_pkt_time":1686178920053120,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686178920053120,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRbXhCGOFNVW80OdgXAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686178920053120,"flow_src_last_pkt_time":1686178920053120,"flow_dst_last_pkt_time":1686178920053120,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686178920053120,"l3_proto":"ip4","src_ip":"66.24.225.77","dst_ip":"85.111.52.57","src_port":55319,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686172962599222,"flow_src_last_pkt_time":1686172962599222,"flow_dst_last_pkt_time":1686172962599222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686178920053120,"l3_proto":"ip4","src_ip":"161.45.5.172","dst_ip":"90.147.171.51","src_port":56443,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":257,"packets-processed":256,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13414,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":252,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":252,"total-idle-flows":251,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1223,"global_ts_usec":1686182909163488} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":257,"packets-processed":256,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13414,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":252,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":252,"total-idle-flows":251,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1223,"global_ts_usec":1686182909163488} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686182909163488,"flow_src_last_pkt_time":1686182909163488,"flow_dst_last_pkt_time":1686182909163488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686182909163488,"l3_proto":"ip4","src_ip":"88.56.155.126","dst_ip":"186.112.202.53","src_port":14639,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":253,"flow_packet_id":1,"flow_src_last_pkt_time":1686182909163488,"flow_dst_last_pkt_time":1686182909163488,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686182909163488,"pkt":"xmjqc4OdPJTVQTiBCABFCABLnDYAACIRLnxYOJt+unDKNTkvAasAN+idAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686182909163488,"flow_src_last_pkt_time":1686182909163488,"flow_dst_last_pkt_time":1686182909163488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686182909163488,"l3_proto":"ip4","src_ip":"88.56.155.126","dst_ip":"186.112.202.53","src_port":14639,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":258,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686178920053120,"flow_src_last_pkt_time":1686178920053120,"flow_dst_last_pkt_time":1686178920053120,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686182909163488,"l3_proto":"ip4","src_ip":"66.24.225.77","dst_ip":"85.111.52.57","src_port":55319,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":258,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":258,"packets-processed":257,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13461,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":253,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":253,"total-idle-flows":252,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1228,"global_ts_usec":1686186373659453} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":258,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":258,"packets-processed":257,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13461,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":253,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":253,"total-idle-flows":252,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1228,"global_ts_usec":1686186373659453} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":258,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686186373659453,"flow_src_last_pkt_time":1686186373659453,"flow_dst_last_pkt_time":1686186373659453,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686186373659453,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"69.109.187.54","src_port":15055,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":258,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":254,"flow_packet_id":1,"flow_src_last_pkt_time":1686186373659453,"flow_dst_last_pkt_time":1686186373659453,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686186373659453,"pkt":"bpHurUgdPJTVQTiBCABFCABLbu4AACIRW70j\/EVxRW27NjrPAasAN+b2AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":258,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686186373659453,"flow_src_last_pkt_time":1686186373659453,"flow_dst_last_pkt_time":1686186373659453,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686186373659453,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"69.109.187.54","src_port":15055,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":259,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686182909163488,"flow_src_last_pkt_time":1686182909163488,"flow_dst_last_pkt_time":1686182909163488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686186373659453,"l3_proto":"ip4","src_ip":"88.56.155.126","dst_ip":"186.112.202.53","src_port":14639,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":259,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":259,"packets-processed":258,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13508,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":254,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":254,"total-idle-flows":253,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1233,"global_ts_usec":1686188598232342} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":259,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":259,"packets-processed":258,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13508,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":254,"total-detection-updates":0,"total-updates":44,"current-active-flows":1,"total-active-flows":254,"total-idle-flows":253,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1233,"global_ts_usec":1686188598232342} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":259,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686188598232342,"flow_src_last_pkt_time":1686188598232342,"flow_dst_last_pkt_time":1686188598232342,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686188598232342,"l3_proto":"ip4","src_ip":"93.22.25.240","dst_ip":"165.144.84.62","src_port":53557,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":259,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":255,"flow_packet_id":1,"flow_src_last_pkt_time":1686188598232342,"flow_dst_last_pkt_time":1686188598232342,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686188598232342,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbdZdFhnwpZBUPtE1AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":259,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686188598232342,"flow_src_last_pkt_time":1686188598232342,"flow_dst_last_pkt_time":1686188598232342,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686188598232342,"l3_proto":"ip4","src_ip":"93.22.25.240","dst_ip":"165.144.84.62","src_port":53557,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1244,33 +1244,33 @@ 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":261,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686188964145763,"flow_src_last_pkt_time":1686188964145763,"flow_dst_last_pkt_time":1686188964145763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686188964145763,"l3_proto":"ip4","src_ip":"211.49.103.57","dst_ip":"69.109.187.54","src_port":55377,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":262,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686188644341439,"flow_src_last_pkt_time":1686188644341439,"flow_dst_last_pkt_time":1686188644341439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686188964145763,"l3_proto":"ip4","src_ip":"94.46.221.227","dst_ip":"90.141.37.56","src_port":49978,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":262,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686188598232342,"flow_src_last_pkt_time":1686188598232342,"flow_dst_last_pkt_time":1686188598232342,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686188964145763,"l3_proto":"ip4","src_ip":"93.22.25.240","dst_ip":"165.144.84.62","src_port":53557,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":262,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":262,"packets-processed":261,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13595,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":257,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":257,"total-idle-flows":256,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1247,"global_ts_usec":1686189923950356} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":262,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":262,"packets-processed":261,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13595,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":257,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":257,"total-idle-flows":256,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1247,"global_ts_usec":1686189923950356} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":262,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686189923950356,"flow_src_last_pkt_time":1686189923950356,"flow_dst_last_pkt_time":1686189923950356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686189923950356,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"186.112.202.53","src_port":57227,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":262,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":258,"flow_packet_id":1,"flow_src_last_pkt_time":1686189923950356,"flow_dst_last_pkt_time":1686189923950356,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686189923950356,"pkt":"xmjqc4OdPJTVQTiBCABFCABS0+QAAGsRQrNDnxCWunDKNd+LAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":262,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686189923950356,"flow_src_last_pkt_time":1686189923950356,"flow_dst_last_pkt_time":1686189923950356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686189923950356,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"186.112.202.53","src_port":57227,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":263,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686188964145763,"flow_src_last_pkt_time":1686188964145763,"flow_dst_last_pkt_time":1686188964145763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686189923950356,"l3_proto":"ip4","src_ip":"211.49.103.57","dst_ip":"69.109.187.54","src_port":55377,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":263,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":263,"packets-processed":262,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13649,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":258,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":258,"total-idle-flows":257,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1252,"global_ts_usec":1686195826361567} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":263,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":263,"packets-processed":262,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13649,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":258,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":258,"total-idle-flows":257,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1252,"global_ts_usec":1686195826361567} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":263,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686195826361567,"flow_src_last_pkt_time":1686195826361567,"flow_dst_last_pkt_time":1686195826361567,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686195826361567,"l3_proto":"ip4","src_ip":"70.210.130.41","dst_ip":"186.112.202.53","src_port":50379,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":263,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":259,"flow_packet_id":1,"flow_src_last_pkt_time":1686195826361567,"flow_dst_last_pkt_time":1686195826361567,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686195826361567,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRbWRG0oIpunDKNcTLAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":263,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686195826361567,"flow_src_last_pkt_time":1686195826361567,"flow_dst_last_pkt_time":1686195826361567,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686195826361567,"l3_proto":"ip4","src_ip":"70.210.130.41","dst_ip":"186.112.202.53","src_port":50379,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":264,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686189923950356,"flow_src_last_pkt_time":1686189923950356,"flow_dst_last_pkt_time":1686189923950356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686195826361567,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"186.112.202.53","src_port":57227,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":264,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":264,"packets-processed":263,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13678,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":259,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":259,"total-idle-flows":258,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1257,"global_ts_usec":1686197444990656} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":264,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":264,"packets-processed":263,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13678,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":259,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":259,"total-idle-flows":258,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1257,"global_ts_usec":1686197444990656} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":264,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686197444990656,"flow_src_last_pkt_time":1686197444990656,"flow_dst_last_pkt_time":1686197444990656,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686197444990656,"l3_proto":"ip4","src_ip":"217.23.159.199","dst_ip":"74.111.203.55","src_port":54694,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":264,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":260,"flow_packet_id":1,"flow_src_last_pkt_time":1686197444990656,"flow_dst_last_pkt_time":1686197444990656,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686197444990656,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPkRbbfZF5\/HSm\/LN9WmAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":264,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686197444990656,"flow_src_last_pkt_time":1686197444990656,"flow_dst_last_pkt_time":1686197444990656,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686197444990656,"l3_proto":"ip4","src_ip":"217.23.159.199","dst_ip":"74.111.203.55","src_port":54694,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":265,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686195826361567,"flow_src_last_pkt_time":1686195826361567,"flow_dst_last_pkt_time":1686195826361567,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686197444990656,"l3_proto":"ip4","src_ip":"70.210.130.41","dst_ip":"186.112.202.53","src_port":50379,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":265,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":265,"packets-processed":264,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13707,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":260,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":260,"total-idle-flows":259,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1262,"global_ts_usec":1686200474358772} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":265,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":265,"packets-processed":264,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13707,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":260,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":260,"total-idle-flows":259,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1262,"global_ts_usec":1686200474358772} 00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":265,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686200474358772,"flow_src_last_pkt_time":1686200474358772,"flow_dst_last_pkt_time":1686200474358772,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686200474358772,"l3_proto":"ip4","src_ip":"208.243.248.212","dst_ip":"165.114.202.61","src_port":54962,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":265,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":261,"flow_packet_id":1,"flow_src_last_pkt_time":1686200474358772,"flow_dst_last_pkt_time":1686200474358772,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686200474358772,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXtfQ8\/jUpXLKPdayAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00949{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":265,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686200474358772,"flow_src_last_pkt_time":1686200474358772,"flow_dst_last_pkt_time":1686200474358772,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686200474358772,"l3_proto":"ip4","src_ip":"208.243.248.212","dst_ip":"165.114.202.61","src_port":54962,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":266,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686197444990656,"flow_src_last_pkt_time":1686197444990656,"flow_dst_last_pkt_time":1686197444990656,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686200474358772,"l3_proto":"ip4","src_ip":"217.23.159.199","dst_ip":"74.111.203.55","src_port":54694,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":266,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":266,"packets-processed":265,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13736,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":261,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":261,"total-idle-flows":260,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1267,"global_ts_usec":1686201624944069} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":266,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":266,"packets-processed":265,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13736,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":261,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":261,"total-idle-flows":260,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1267,"global_ts_usec":1686201624944069} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":266,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686201624944069,"flow_src_last_pkt_time":1686201624944069,"flow_dst_last_pkt_time":1686201624944069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686201624944069,"l3_proto":"ip4","src_ip":"42.224.153.12","dst_ip":"90.147.171.51","src_port":15346,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":266,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":262,"flow_packet_id":1,"flow_src_last_pkt_time":1686201624944069,"flow_dst_last_pkt_time":1686201624944069,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686201624944069,"pkt":"AAwp30Y4PJTVQTiBCABFAABSN\/IAADIRVuMq4JkMWpOrMzvyAasAPkv2AgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":266,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686201624944069,"flow_src_last_pkt_time":1686201624944069,"flow_dst_last_pkt_time":1686201624944069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686201624944069,"l3_proto":"ip4","src_ip":"42.224.153.12","dst_ip":"90.147.171.51","src_port":15346,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":267,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":262,"flow_packet_id":2,"flow_src_last_pkt_time":1686201624944084,"flow_dst_last_pkt_time":1686201624944069,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686201624944084,"pkt":"AAwp30Y4PJTVQTiBCABFAABSN\/IAADIRVuMq4JkMWpOrMzvyAasAPkv2AgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":268,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686200474358772,"flow_src_last_pkt_time":1686200474358772,"flow_dst_last_pkt_time":1686200474358772,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686201624944084,"l3_proto":"ip4","src_ip":"208.243.248.212","dst_ip":"165.114.202.61","src_port":54962,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":268,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":268,"packets-processed":267,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13844,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":262,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":262,"total-idle-flows":261,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1273,"global_ts_usec":1686204308831707} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":268,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":268,"packets-processed":267,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13844,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":262,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":262,"total-idle-flows":261,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1273,"global_ts_usec":1686204308831707} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":268,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686204308831707,"flow_src_last_pkt_time":1686204308831707,"flow_dst_last_pkt_time":1686204308831707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686204308831707,"l3_proto":"ip4","src_ip":"199.221.139.233","dst_ip":"90.145.180.58","src_port":45906,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":268,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":263,"flow_packet_id":1,"flow_src_last_pkt_time":1686204308831707,"flow_dst_last_pkt_time":1686204308831707,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686204308831707,"pkt":"bs1PogZtPJTVQTiBCABFAAA+UJNAADQREf\/H3YvpWpG0OrNSAasAKtf7AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":268,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686204308831707,"flow_src_last_pkt_time":1686204308831707,"flow_dst_last_pkt_time":1686204308831707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686204308831707,"l3_proto":"ip4","src_ip":"199.221.139.233","dst_ip":"90.145.180.58","src_port":45906,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1279,7 +1279,7 @@ 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":269,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":264,"flow_packet_id":1,"flow_src_last_pkt_time":1686204816985223,"flow_dst_last_pkt_time":1686204816985223,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686204816985223,"pkt":"bpHurUgdPJTVQTiBCABFAAA++fVAADQRaIr27WP9RW27NjGRAasAKlmrAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":269,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686204816985223,"flow_src_last_pkt_time":1686204816985223,"flow_dst_last_pkt_time":1686204816985223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686204816985223,"l3_proto":"ip4","src_ip":"246.237.99.253","dst_ip":"69.109.187.54","src_port":12689,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":270,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686204308831707,"flow_src_last_pkt_time":1686204308831707,"flow_dst_last_pkt_time":1686204308831707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686204816985223,"l3_proto":"ip4","src_ip":"199.221.139.233","dst_ip":"90.145.180.58","src_port":45906,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":270,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":270,"packets-processed":269,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13912,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":264,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":264,"total-idle-flows":263,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1282,"global_ts_usec":1686205296905334} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":270,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":270,"packets-processed":269,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":13912,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":264,"total-detection-updates":0,"total-updates":45,"current-active-flows":1,"total-active-flows":264,"total-idle-flows":263,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1282,"global_ts_usec":1686205296905334} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":270,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686205296905334,"flow_src_last_pkt_time":1686205296905334,"flow_dst_last_pkt_time":1686205296905334,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686205296905334,"l3_proto":"ip4","src_ip":"247.45.112.206","dst_ip":"90.111.212.50","src_port":20029,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":270,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":265,"flow_packet_id":1,"flow_src_last_pkt_time":1686205296905334,"flow_dst_last_pkt_time":1686205296905334,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686205296905334,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+r0hAADQRsyX3LXDOWm\/UMk49AasAKjztAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":270,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686205296905334,"flow_src_last_pkt_time":1686205296905334,"flow_dst_last_pkt_time":1686205296905334,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686205296905334,"l3_proto":"ip4","src_ip":"247.45.112.206","dst_ip":"90.111.212.50","src_port":20029,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1292,7 +1292,7 @@ 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":272,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":267,"flow_packet_id":1,"flow_src_last_pkt_time":1686205768491443,"flow_dst_last_pkt_time":1686205768491443,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686205768491443,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+3TBAADQRhVdGJmvxVW80OQ75AasAKnxLAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":272,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686205768491443,"flow_src_last_pkt_time":1686205768491443,"flow_dst_last_pkt_time":1686205768491443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686205768491443,"l3_proto":"ip4","src_ip":"70.38.107.241","dst_ip":"85.111.52.57","src_port":3833,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":273,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686205683745012,"flow_src_last_pkt_time":1686205683745012,"flow_dst_last_pkt_time":1686205683745012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686205768491443,"l3_proto":"ip4","src_ip":"56.174.92.201","dst_ip":"165.114.202.61","src_port":12782,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":273,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":273,"packets-processed":272,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14014,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":267,"total-detection-updates":0,"total-updates":46,"current-active-flows":2,"total-active-flows":267,"total-idle-flows":265,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1295,"global_ts_usec":1686206099528813} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":273,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":273,"packets-processed":272,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14014,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":267,"total-detection-updates":0,"total-updates":46,"current-active-flows":2,"total-active-flows":267,"total-idle-flows":265,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1295,"global_ts_usec":1686206099528813} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":273,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":268,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206099528813,"flow_src_last_pkt_time":1686206099528813,"flow_dst_last_pkt_time":1686206099528813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206099528813,"l3_proto":"ip4","src_ip":"70.106.99.214","dst_ip":"74.111.203.55","src_port":10633,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":273,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":268,"flow_packet_id":1,"flow_src_last_pkt_time":1686206099528813,"flow_dst_last_pkt_time":1686206099528813,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686206099528813,"pkt":"ipffLU2SPJTVQTiBCABFAAA+0FpAADQRkh5GamPWSm\/LNymJAasAKmGsAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":273,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":268,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206099528813,"flow_src_last_pkt_time":1686206099528813,"flow_dst_last_pkt_time":1686206099528813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206099528813,"l3_proto":"ip4","src_ip":"70.106.99.214","dst_ip":"74.111.203.55","src_port":10633,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1302,22 +1302,22 @@ 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":274,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":269,"flow_packet_id":1,"flow_src_last_pkt_time":1686206507820187,"flow_dst_last_pkt_time":1686206507820187,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686206507820187,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+f0tAADQR4yz27WP9pZBUPm5IAasAKhzsAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":274,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206507820187,"flow_src_last_pkt_time":1686206507820187,"flow_dst_last_pkt_time":1686206507820187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206507820187,"l3_proto":"ip4","src_ip":"246.237.99.253","dst_ip":"165.144.84.62","src_port":28232,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":275,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":268,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206099528813,"flow_src_last_pkt_time":1686206099528813,"flow_dst_last_pkt_time":1686206099528813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206507820187,"l3_proto":"ip4","src_ip":"70.106.99.214","dst_ip":"74.111.203.55","src_port":10633,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":275,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":275,"packets-processed":274,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14082,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":269,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":269,"total-idle-flows":268,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1305,"global_ts_usec":1686206929031157} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":275,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":275,"packets-processed":274,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14082,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":269,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":269,"total-idle-flows":268,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1305,"global_ts_usec":1686206929031157} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":275,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206929031157,"flow_src_last_pkt_time":1686206929031157,"flow_dst_last_pkt_time":1686206929031157,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206929031157,"l3_proto":"ip4","src_ip":"200.29.108.217","dst_ip":"90.141.37.56","src_port":55185,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":275,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":270,"flow_packet_id":1,"flow_src_last_pkt_time":1686206929031157,"flow_dst_last_pkt_time":1686206929031157,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686206929031157,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+TBRAADQRFl3IHWzZWo0lONeRAasAKrObAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":275,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206929031157,"flow_src_last_pkt_time":1686206929031157,"flow_dst_last_pkt_time":1686206929031157,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206929031157,"l3_proto":"ip4","src_ip":"200.29.108.217","dst_ip":"90.141.37.56","src_port":55185,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":276,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206507820187,"flow_src_last_pkt_time":1686206507820187,"flow_dst_last_pkt_time":1686206507820187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686206929031157,"l3_proto":"ip4","src_ip":"246.237.99.253","dst_ip":"165.144.84.62","src_port":28232,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":276,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":276,"packets-processed":275,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14116,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":270,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":270,"total-idle-flows":269,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1310,"global_ts_usec":1686207705291823} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":276,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":276,"packets-processed":275,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14116,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":270,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":270,"total-idle-flows":269,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1310,"global_ts_usec":1686207705291823} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":276,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686207705291823,"flow_src_last_pkt_time":1686207705291823,"flow_dst_last_pkt_time":1686207705291823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686207705291823,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"85.111.52.57","src_port":48238,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":276,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":271,"flow_packet_id":1,"flow_src_last_pkt_time":1686207705291823,"flow_dst_last_pkt_time":1686207705291823,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686207705291823,"pkt":"moT+\/Ph8PJTVQTiBCABFAABSu9QAAG0RWMhDnxCWVW80ObxuAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":276,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686207705291823,"flow_src_last_pkt_time":1686207705291823,"flow_dst_last_pkt_time":1686207705291823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686207705291823,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"85.111.52.57","src_port":48238,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":277,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686206929031157,"flow_src_last_pkt_time":1686206929031157,"flow_dst_last_pkt_time":1686206929031157,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686207705291823,"l3_proto":"ip4","src_ip":"200.29.108.217","dst_ip":"90.141.37.56","src_port":55185,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":277,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":277,"packets-processed":276,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14170,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":271,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":271,"total-idle-flows":270,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1315,"global_ts_usec":1686209332165512} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":277,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":277,"packets-processed":276,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14170,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":271,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":271,"total-idle-flows":270,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1315,"global_ts_usec":1686209332165512} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":277,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":272,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686209332165512,"flow_src_last_pkt_time":1686209332165512,"flow_dst_last_pkt_time":1686209332165512,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686209332165512,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":24038,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":277,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":272,"flow_packet_id":1,"flow_src_last_pkt_time":1686209332165512,"flow_dst_last_pkt_time":1686209332165512,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686209332165512,"pkt":"AAwp30Y4PJTVQTiBCABFCABLNKwAACIRlfkjAGRzpZBUPl3mAasAN8PZAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":277,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":272,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686209332165512,"flow_src_last_pkt_time":1686209332165512,"flow_dst_last_pkt_time":1686209332165512,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686209332165512,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":24038,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":278,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686207705291823,"flow_src_last_pkt_time":1686207705291823,"flow_dst_last_pkt_time":1686207705291823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686209332165512,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"85.111.52.57","src_port":48238,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":278,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":278,"packets-processed":277,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14217,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":272,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":272,"total-idle-flows":271,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1320,"global_ts_usec":1686218743990736} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":278,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":278,"packets-processed":277,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14217,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":272,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":272,"total-idle-flows":271,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1320,"global_ts_usec":1686218743990736} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":278,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686218743990736,"flow_src_last_pkt_time":1686218743990736,"flow_dst_last_pkt_time":1686218743990736,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686218743990736,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"165.114.202.61","src_port":29445,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":278,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":273,"flow_packet_id":1,"flow_src_last_pkt_time":1686218743990736,"flow_dst_last_pkt_time":1686218743990736,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686218743990736,"pkt":"AAwp30Y4PJTVQTiBCABFCABLunsAACIRECpb\/2t0pXLKPXMFAasAN666AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":278,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686218743990736,"flow_src_last_pkt_time":1686218743990736,"flow_dst_last_pkt_time":1686218743990736,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686218743990736,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"165.114.202.61","src_port":29445,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1326,32 +1326,32 @@ 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":279,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":274,"flow_packet_id":1,"flow_src_last_pkt_time":1686218930278883,"flow_dst_last_pkt_time":1686218930278883,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686218930278883,"pkt":"AAwp30Y4PJTVQTiBCABFAABLV70AACcRe1hiiQNypXLKPRTWAasANxpSAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":279,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686218930278883,"flow_src_last_pkt_time":1686218930278883,"flow_dst_last_pkt_time":1686218930278883,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686218930278883,"l3_proto":"ip4","src_ip":"98.137.3.114","dst_ip":"165.114.202.61","src_port":5334,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":280,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686218743990736,"flow_src_last_pkt_time":1686218743990736,"flow_dst_last_pkt_time":1686218743990736,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686218930278883,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"165.114.202.61","src_port":29445,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":280,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":280,"packets-processed":279,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14311,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":274,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":274,"total-idle-flows":273,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1329,"global_ts_usec":1686227357942748} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":280,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":280,"packets-processed":279,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14311,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":274,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":274,"total-idle-flows":273,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1329,"global_ts_usec":1686227357942748} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":280,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":275,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686227357942748,"flow_src_last_pkt_time":1686227357942748,"flow_dst_last_pkt_time":1686227357942748,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686227357942748,"l3_proto":"ip4","src_ip":"224.127.98.214","dst_ip":"90.147.171.51","src_port":19171,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":280,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":275,"flow_packet_id":1,"flow_src_last_pkt_time":1686227357942748,"flow_dst_last_pkt_time":1686227357942748,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686227357942748,"pkt":"AAwp30Y4PJTVQTiBCABFCABLNlUAACQRjhzgf2LWWpOrM0rjAasAN9KoAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":280,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":275,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686227357942748,"flow_src_last_pkt_time":1686227357942748,"flow_dst_last_pkt_time":1686227357942748,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686227357942748,"l3_proto":"ip4","src_ip":"224.127.98.214","dst_ip":"90.147.171.51","src_port":19171,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":281,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686218930278883,"flow_src_last_pkt_time":1686218930278883,"flow_dst_last_pkt_time":1686218930278883,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686227357942748,"l3_proto":"ip4","src_ip":"98.137.3.114","dst_ip":"165.114.202.61","src_port":5334,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":281,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":281,"packets-processed":280,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14358,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":275,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":275,"total-idle-flows":274,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1334,"global_ts_usec":1686234455283740} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":281,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":281,"packets-processed":280,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14358,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":275,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":275,"total-idle-flows":274,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1334,"global_ts_usec":1686234455283740} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":281,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686234455283740,"flow_src_last_pkt_time":1686234455283740,"flow_dst_last_pkt_time":1686234455283740,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686234455283740,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"90.145.180.58","src_port":37363,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":281,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":276,"flow_packet_id":1,"flow_src_last_pkt_time":1686234455283740,"flow_dst_last_pkt_time":1686234455283740,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686234455283740,"pkt":"bs1PogZtPJTVQTiBCABFAABLt7IAACcRG3GdePx7WpG0OpHzAasAN51CAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":281,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686234455283740,"flow_src_last_pkt_time":1686234455283740,"flow_dst_last_pkt_time":1686234455283740,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686234455283740,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"90.145.180.58","src_port":37363,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":282,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":275,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686227357942748,"flow_src_last_pkt_time":1686227357942748,"flow_dst_last_pkt_time":1686227357942748,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686234455283740,"l3_proto":"ip4","src_ip":"224.127.98.214","dst_ip":"90.147.171.51","src_port":19171,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":282,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":282,"packets-processed":281,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14405,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":276,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":276,"total-idle-flows":275,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1339,"global_ts_usec":1686236482989100} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":282,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":282,"packets-processed":281,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14405,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":276,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":276,"total-idle-flows":275,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1339,"global_ts_usec":1686236482989100} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":282,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686236482989100,"flow_src_last_pkt_time":1686236482989100,"flow_dst_last_pkt_time":1686236482989100,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686236482989100,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.145.180.58","src_port":37519,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":282,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":277,"flow_packet_id":1,"flow_src_last_pkt_time":1686236482989100,"flow_dst_last_pkt_time":1686236482989100,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686236482989100,"pkt":"bs1PogZtPJTVQTiBCABFAAB+1DEAAPMRCY72S2hzWpG0OpKPAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":282,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686236482989100,"flow_src_last_pkt_time":1686236482989100,"flow_dst_last_pkt_time":1686236482989100,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686236482989100,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.145.180.58","src_port":37519,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":283,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686234455283740,"flow_src_last_pkt_time":1686234455283740,"flow_dst_last_pkt_time":1686234455283740,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686236482989100,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"90.145.180.58","src_port":37363,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":283,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":283,"packets-processed":282,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14503,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":277,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":277,"total-idle-flows":276,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1344,"global_ts_usec":1686238266508865} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":283,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":283,"packets-processed":282,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14503,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":277,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":277,"total-idle-flows":276,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1344,"global_ts_usec":1686238266508865} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":283,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":278,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686238266508865,"flow_src_last_pkt_time":1686238266508865,"flow_dst_last_pkt_time":1686238266508865,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686238266508865,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"74.111.203.55","src_port":47606,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":283,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":278,"flow_packet_id":1,"flow_src_last_pkt_time":1686238266508865,"flow_dst_last_pkt_time":1686238266508865,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686238266508865,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAPMRpSrsm2CTSm\/LN7n2AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":283,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":278,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686238266508865,"flow_src_last_pkt_time":1686238266508865,"flow_dst_last_pkt_time":1686238266508865,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686238266508865,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"74.111.203.55","src_port":47606,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":284,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686236482989100,"flow_src_last_pkt_time":1686236482989100,"flow_dst_last_pkt_time":1686236482989100,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686238266508865,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.145.180.58","src_port":37519,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":284,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":284,"packets-processed":283,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14601,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":278,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":278,"total-idle-flows":277,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1349,"global_ts_usec":1686241261208452} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":284,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":284,"packets-processed":283,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14601,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":278,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":278,"total-idle-flows":277,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1349,"global_ts_usec":1686241261208452} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":284,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":279,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686241261208452,"flow_src_last_pkt_time":1686241261208452,"flow_dst_last_pkt_time":1686241261208452,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686241261208452,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"90.111.212.50","src_port":32910,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":284,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":279,"flow_packet_id":1,"flow_src_last_pkt_time":1686241261208452,"flow_dst_last_pkt_time":1686241261208452,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686241261208452,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAOsRrCQtY5KSWm\/UMoCOAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":284,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":279,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686241261208452,"flow_src_last_pkt_time":1686241261208452,"flow_dst_last_pkt_time":1686241261208452,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686241261208452,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"90.111.212.50","src_port":32910,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":278,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686238266508865,"flow_src_last_pkt_time":1686238266508865,"flow_dst_last_pkt_time":1686238266508865,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686241261208452,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"74.111.203.55","src_port":47606,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":285,"packets-processed":284,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14699,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":279,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":279,"total-idle-flows":278,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1354,"global_ts_usec":1686241917944669} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":285,"packets-processed":284,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14699,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":279,"total-detection-updates":0,"total-updates":46,"current-active-flows":1,"total-active-flows":279,"total-idle-flows":278,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1354,"global_ts_usec":1686241917944669} 00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686241917944669,"flow_src_last_pkt_time":1686241917944669,"flow_dst_last_pkt_time":1686241917944669,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686241917944669,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"186.112.202.53","src_port":52790,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":280,"flow_packet_id":1,"flow_src_last_pkt_time":1686241917944669,"flow_dst_last_pkt_time":1686241917944669,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686241917944669,"pkt":"xmjqc4OdPJTVQTiBCABFAAB+1DEAAPMRCZLItJByunDKNc42AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00949{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686241917944669,"flow_src_last_pkt_time":1686241917944669,"flow_dst_last_pkt_time":1686241917944669,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686241917944669,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"186.112.202.53","src_port":52790,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1365,7 +1365,7 @@ 00949{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":287,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686242407915366,"flow_src_last_pkt_time":1686242407915366,"flow_dst_last_pkt_time":1686242407915366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686242407915366,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.114.202.61","src_port":60621,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686242007697569,"flow_src_last_pkt_time":1686242007697569,"flow_dst_last_pkt_time":1686242007697569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686242407915366,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"69.109.187.54","src_port":36409,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686241917944669,"flow_src_last_pkt_time":1686241917944669,"flow_dst_last_pkt_time":1686241917944669,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686242407915366,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"186.112.202.53","src_port":52790,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":288,"packets-processed":287,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14993,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":282,"total-detection-updates":0,"total-updates":47,"current-active-flows":1,"total-active-flows":282,"total-idle-flows":281,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1368,"global_ts_usec":1686243579374691} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":288,"packets-processed":287,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":14993,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":282,"total-detection-updates":0,"total-updates":47,"current-active-flows":1,"total-active-flows":282,"total-idle-flows":281,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1368,"global_ts_usec":1686243579374691} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686243579374691,"flow_src_last_pkt_time":1686243579374691,"flow_dst_last_pkt_time":1686243579374691,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686243579374691,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"165.144.84.62","src_port":60327,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":283,"flow_packet_id":1,"flow_src_last_pkt_time":1686243579374691,"flow_dst_last_pkt_time":1686243579374691,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686243579374691,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAOsRrBotY5KSpZBUPuunAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686243579374691,"flow_src_last_pkt_time":1686243579374691,"flow_dst_last_pkt_time":1686243579374691,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686243579374691,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"165.144.84.62","src_port":60327,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1374,17 +1374,17 @@ 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":289,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":284,"flow_packet_id":1,"flow_src_last_pkt_time":1686244097863995,"flow_dst_last_pkt_time":1686244097863995,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686244097863995,"pkt":"3jHC4dyOPJTVQTiBCABFAAB+1DEAAPMRCZDItJByWo0lONuvAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":289,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686244097863995,"flow_src_last_pkt_time":1686244097863995,"flow_dst_last_pkt_time":1686244097863995,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686244097863995,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.141.37.56","src_port":56239,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":290,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686243579374691,"flow_src_last_pkt_time":1686243579374691,"flow_dst_last_pkt_time":1686243579374691,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686244097863995,"l3_proto":"ip4","src_ip":"45.99.146.146","dst_ip":"165.144.84.62","src_port":60327,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":290,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":290,"packets-processed":289,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15189,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":284,"total-detection-updates":0,"total-updates":47,"current-active-flows":1,"total-active-flows":284,"total-idle-flows":283,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1377,"global_ts_usec":1686244966838652} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":290,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":290,"packets-processed":289,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15189,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":284,"total-detection-updates":0,"total-updates":47,"current-active-flows":1,"total-active-flows":284,"total-idle-flows":283,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1377,"global_ts_usec":1686244966838652} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":290,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686244966838652,"flow_src_last_pkt_time":1686244966838652,"flow_dst_last_pkt_time":1686244966838652,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686244966838652,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"85.111.52.57","src_port":41408,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":290,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":285,"flow_packet_id":1,"flow_src_last_pkt_time":1686244966838652,"flow_dst_last_pkt_time":1686244966838652,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686244966838652,"pkt":"moT+\/Ph8PJTVQTiBCABFAAB+1DEAAPMRpSXsm2CTVW80OaHAAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":290,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686244966838652,"flow_src_last_pkt_time":1686244966838652,"flow_dst_last_pkt_time":1686244966838652,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686244966838652,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"85.111.52.57","src_port":41408,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":291,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686244097863995,"flow_src_last_pkt_time":1686244097863995,"flow_dst_last_pkt_time":1686244097863995,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686244966838652,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.141.37.56","src_port":56239,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":291,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":291,"packets-processed":290,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15287,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":285,"total-detection-updates":0,"total-updates":47,"current-active-flows":1,"total-active-flows":285,"total-idle-flows":284,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1382,"global_ts_usec":1686256443473506} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":291,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":291,"packets-processed":290,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15287,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":285,"total-detection-updates":0,"total-updates":47,"current-active-flows":1,"total-active-flows":285,"total-idle-flows":284,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1382,"global_ts_usec":1686256443473506} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":291,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686256443473506,"flow_src_last_pkt_time":1686256443473506,"flow_dst_last_pkt_time":1686256443473506,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686256443473506,"l3_proto":"ip4","src_ip":"162.219.248.180","dst_ip":"90.147.171.51","src_port":51156,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":291,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":286,"flow_packet_id":1,"flow_src_last_pkt_time":1686256443473506,"flow_dst_last_pkt_time":1686256443473506,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686256443473506,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbP6i2\/i0WpOrM8fUAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":291,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686256443473506,"flow_src_last_pkt_time":1686256443473506,"flow_dst_last_pkt_time":1686256443473506,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686256443473506,"l3_proto":"ip4","src_ip":"162.219.248.180","dst_ip":"90.147.171.51","src_port":51156,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":292,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686244966838652,"flow_src_last_pkt_time":1686244966838652,"flow_dst_last_pkt_time":1686244966838652,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686256443473506,"l3_proto":"ip4","src_ip":"236.155.96.147","dst_ip":"85.111.52.57","src_port":41408,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":292,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":292,"packets-processed":291,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15316,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":286,"total-detection-updates":0,"total-updates":47,"current-active-flows":1,"total-active-flows":286,"total-idle-flows":285,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1387,"global_ts_usec":1686257607667798} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":292,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":292,"packets-processed":291,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15316,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":286,"total-detection-updates":0,"total-updates":47,"current-active-flows":1,"total-active-flows":286,"total-idle-flows":285,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1387,"global_ts_usec":1686257607667798} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":292,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686257607667798,"flow_src_last_pkt_time":1686257607667798,"flow_dst_last_pkt_time":1686257607667798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686257607667798,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":55455,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":292,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":287,"flow_packet_id":1,"flow_src_last_pkt_time":1686257607667798,"flow_dst_last_pkt_time":1686257607667798,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686257607667798,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPURKLbIH5CeVW80OdifAasAJRHVAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":292,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686257607667798,"flow_src_last_pkt_time":1686257607667798,"flow_dst_last_pkt_time":1686257607667798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686257607667798,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":55455,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1393,13 +1393,13 @@ 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":293,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":288,"flow_packet_id":1,"flow_src_last_pkt_time":1686257765544403,"flow_dst_last_pkt_time":1686257765544403,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686257765544403,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLHIH5CepXLKPcZcAasAJSQTAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":293,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686257765544403,"flow_src_last_pkt_time":1686257765544403,"flow_dst_last_pkt_time":1686257765544403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686257765544403,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":50780,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":294,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686257607667798,"flow_src_last_pkt_time":1686257607667798,"flow_dst_last_pkt_time":1686257607667798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686257765544403,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":55455,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":294,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":294,"packets-processed":293,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15374,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":288,"total-detection-updates":0,"total-updates":48,"current-active-flows":2,"total-active-flows":288,"total-idle-flows":286,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1396,"global_ts_usec":1686258512561586} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":294,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":294,"packets-processed":293,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15374,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":288,"total-detection-updates":0,"total-updates":48,"current-active-flows":2,"total-active-flows":288,"total-idle-flows":286,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1396,"global_ts_usec":1686258512561586} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":294,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686258512561586,"flow_src_last_pkt_time":1686258512561586,"flow_dst_last_pkt_time":1686258512561586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686258512561586,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":56478,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":294,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":289,"flow_packet_id":1,"flow_src_last_pkt_time":1686258512561586,"flow_dst_last_pkt_time":1686258512561586,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686258512561586,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPURKLnIH5CeunDKNdyeAasAJQ3ZAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":294,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686258512561586,"flow_src_last_pkt_time":1686258512561586,"flow_dst_last_pkt_time":1686258512561586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686258512561586,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":56478,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":295,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686257765544403,"flow_src_last_pkt_time":1686257765544403,"flow_dst_last_pkt_time":1686257765544403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686258512561586,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":50780,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":295,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686257607667798,"flow_src_last_pkt_time":1686257607667798,"flow_dst_last_pkt_time":1686257607667798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686258512561586,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":55455,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":295,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":295,"packets-processed":294,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15403,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":289,"total-detection-updates":0,"total-updates":48,"current-active-flows":1,"total-active-flows":289,"total-idle-flows":288,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1402,"global_ts_usec":1686261546684605} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":295,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":295,"packets-processed":294,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15403,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":289,"total-detection-updates":0,"total-updates":48,"current-active-flows":1,"total-active-flows":289,"total-idle-flows":288,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1402,"global_ts_usec":1686261546684605} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":295,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686261546684605,"flow_src_last_pkt_time":1686261546684605,"flow_dst_last_pkt_time":1686261546684605,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686261546684605,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":48895,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":295,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":290,"flow_packet_id":1,"flow_src_last_pkt_time":1686261546684605,"flow_dst_last_pkt_time":1686261546684605,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686261546684605,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLLIH5CepZBUPr7\/AasAJStxAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":295,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686261546684605,"flow_src_last_pkt_time":1686261546684605,"flow_dst_last_pkt_time":1686261546684605,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686261546684605,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":48895,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1414,7 +1414,7 @@ 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":298,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":2,"flow_src_last_pkt_time":1686261885374256,"flow_dst_last_pkt_time":1686261885374242,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686261885374256,"pkt":"3jHC4dyOPJTVQTiBCABFBABS1h8AADQRotfUmt9nWo0lONofAasAPpnuAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":299,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":291,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686261656437832,"flow_src_last_pkt_time":1686261656437832,"flow_dst_last_pkt_time":1686261656437832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686261885374256,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":37856,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":299,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686261546684605,"flow_src_last_pkt_time":1686261546684605,"flow_dst_last_pkt_time":1686261546684605,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686261885374256,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":48895,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":299,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":299,"packets-processed":298,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15569,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":292,"total-detection-updates":0,"total-updates":49,"current-active-flows":1,"total-active-flows":292,"total-idle-flows":291,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1417,"global_ts_usec":1686262180549880} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":299,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":299,"packets-processed":298,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15569,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":292,"total-detection-updates":0,"total-updates":49,"current-active-flows":1,"total-active-flows":292,"total-idle-flows":291,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1417,"global_ts_usec":1686262180549880} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":299,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262180549880,"flow_src_last_pkt_time":1686262180549880,"flow_dst_last_pkt_time":1686262180549880,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686262180549880,"l3_proto":"ip4","src_ip":"75.137.134.242","dst_ip":"165.114.202.61","src_port":59307,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":299,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":1,"flow_src_last_pkt_time":1686262180549880,"flow_dst_last_pkt_time":1686262180549880,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":98,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":98,"pkt_l4_len":64,"thread_ts_usec":1686262180549880,"pkt":"AAwp30Y4PJTVQTiBCABFAABUwx1AADQRzjFLiYbypXLKPeerAasAQAAAAgEAADggAAAAAGqbAAJlbgAAABdzZXJ2aWNlOmRpcmVjdG9yeS1hZ2VudAAHZGVmYXVsdAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":299,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262180549880,"flow_src_last_pkt_time":1686262180549880,"flow_dst_last_pkt_time":1686262180549880,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686262180549880,"l3_proto":"ip4","src_ip":"75.137.134.242","dst_ip":"165.114.202.61","src_port":59307,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1423,7 +1423,7 @@ 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":300,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":294,"flow_packet_id":1,"flow_src_last_pkt_time":1686262531882256,"flow_dst_last_pkt_time":1686262531882256,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686262531882256,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPURKLfIH5CeWo0lONHuAasAJRiHAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":300,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":294,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262531882256,"flow_src_last_pkt_time":1686262531882256,"flow_dst_last_pkt_time":1686262531882256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686262531882256,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":53742,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":301,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262180549880,"flow_src_last_pkt_time":1686262180549880,"flow_dst_last_pkt_time":1686262180549880,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686262531882256,"l3_proto":"ip4","src_ip":"75.137.134.242","dst_ip":"165.114.202.61","src_port":59307,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":301,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":301,"packets-processed":300,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15654,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":294,"total-detection-updates":0,"total-updates":49,"current-active-flows":1,"total-active-flows":294,"total-idle-flows":293,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1426,"global_ts_usec":1686262998390221} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":301,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":301,"packets-processed":300,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15654,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":294,"total-detection-updates":0,"total-updates":49,"current-active-flows":1,"total-active-flows":294,"total-idle-flows":293,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1426,"global_ts_usec":1686262998390221} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":301,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262998390221,"flow_src_last_pkt_time":1686262998390221,"flow_dst_last_pkt_time":1686262998390221,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686262998390221,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":33892,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":301,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":295,"flow_packet_id":1,"flow_src_last_pkt_time":1686262998390221,"flow_dst_last_pkt_time":1686262998390221,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686262998390221,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKL3IH5CeWpOrM4RkAasAJWYXAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":301,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686262998390221,"flow_src_last_pkt_time":1686262998390221,"flow_dst_last_pkt_time":1686262998390221,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686262998390221,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":33892,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1449,22 +1449,22 @@ 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":297,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263142896966,"flow_src_last_pkt_time":1686263142896966,"flow_dst_last_pkt_time":1686263142896966,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263490143641,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":50776,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":296,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263094542703,"flow_src_last_pkt_time":1686263094542703,"flow_dst_last_pkt_time":1686263094542703,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263490143641,"l3_proto":"ip4","src_ip":"197.23.155.213","dst_ip":"90.145.180.58","src_port":51534,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":298,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263272401090,"flow_src_last_pkt_time":1686263272401090,"flow_dst_last_pkt_time":1686263272401090,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686263490143641,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":49681,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":306,"packets-processed":305,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15799,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":299,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":299,"total-idle-flows":298,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1452,"global_ts_usec":1686264627972582} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":306,"packets-processed":305,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15799,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":299,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":299,"total-idle-flows":298,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1452,"global_ts_usec":1686264627972582} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":300,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686264627972582,"flow_src_last_pkt_time":1686264627972582,"flow_dst_last_pkt_time":1686264627972582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686264627972582,"l3_proto":"ip4","src_ip":"66.224.226.183","dst_ip":"165.144.84.62","src_port":52476,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":300,"flow_packet_id":1,"flow_src_last_pkt_time":1686264627972582,"flow_dst_last_pkt_time":1686264627972582,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686264627972582,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbfZC4OK3pZBUPsz8AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":300,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686264627972582,"flow_src_last_pkt_time":1686264627972582,"flow_dst_last_pkt_time":1686264627972582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686264627972582,"l3_proto":"ip4","src_ip":"66.224.226.183","dst_ip":"165.144.84.62","src_port":52476,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":299,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686263490143641,"flow_src_last_pkt_time":1686263490143641,"flow_dst_last_pkt_time":1686263490143641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686264627972582,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":36077,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":307,"packets-processed":306,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15828,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":300,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":300,"total-idle-flows":299,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1457,"global_ts_usec":1686265884829767} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":307,"packets-processed":306,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15828,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":300,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":300,"total-idle-flows":299,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1457,"global_ts_usec":1686265884829767} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":301,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686265884829767,"flow_src_last_pkt_time":1686265884829767,"flow_dst_last_pkt_time":1686265884829767,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686265884829767,"l3_proto":"ip4","src_ip":"91.33.106.218","dst_ip":"69.109.187.54","src_port":59902,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":301,"flow_packet_id":1,"flow_src_last_pkt_time":1686265884829767,"flow_dst_last_pkt_time":1686265884829767,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686265884829767,"pkt":"bpHurUgdPJTVQTiBCABFCABLZJsAACQRX81bIWraRW27Nun+AasANzOEAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":301,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686265884829767,"flow_src_last_pkt_time":1686265884829767,"flow_dst_last_pkt_time":1686265884829767,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686265884829767,"l3_proto":"ip4","src_ip":"91.33.106.218","dst_ip":"69.109.187.54","src_port":59902,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":308,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":300,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686264627972582,"flow_src_last_pkt_time":1686264627972582,"flow_dst_last_pkt_time":1686264627972582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686265884829767,"l3_proto":"ip4","src_ip":"66.224.226.183","dst_ip":"165.144.84.62","src_port":52476,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":308,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":308,"packets-processed":307,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15875,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":301,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":301,"total-idle-flows":300,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1462,"global_ts_usec":1686266868932026} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":308,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":308,"packets-processed":307,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15875,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":301,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":301,"total-idle-flows":300,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1462,"global_ts_usec":1686266868932026} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":308,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686266868932026,"flow_src_last_pkt_time":1686266868932026,"flow_dst_last_pkt_time":1686266868932026,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686266868932026,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"85.111.52.57","src_port":50356,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":308,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":302,"flow_packet_id":1,"flow_src_last_pkt_time":1686266868932026,"flow_dst_last_pkt_time":1686266868932026,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686266868932026,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRX53OzBhaVW80OcS0AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":308,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686266868932026,"flow_src_last_pkt_time":1686266868932026,"flow_dst_last_pkt_time":1686266868932026,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686266868932026,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"85.111.52.57","src_port":50356,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":309,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":301,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686265884829767,"flow_src_last_pkt_time":1686265884829767,"flow_dst_last_pkt_time":1686265884829767,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686266868932026,"l3_proto":"ip4","src_ip":"91.33.106.218","dst_ip":"69.109.187.54","src_port":59902,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":309,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":309,"packets-processed":308,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15904,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":302,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":302,"total-idle-flows":301,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1467,"global_ts_usec":1686268741318193} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":309,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":309,"packets-processed":308,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15904,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":302,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":302,"total-idle-flows":301,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1467,"global_ts_usec":1686268741318193} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":309,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":303,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686268741318193,"flow_src_last_pkt_time":1686268741318193,"flow_dst_last_pkt_time":1686268741318193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686268741318193,"l3_proto":"ip4","src_ip":"76.45.103.228","dst_ip":"90.111.212.50","src_port":55007,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":309,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":303,"flow_packet_id":1,"flow_src_last_pkt_time":1686268741318193,"flow_dst_last_pkt_time":1686268741318193,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686268741318193,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRX\/9MLWfkWm\/UMtbfAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":309,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":303,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686268741318193,"flow_src_last_pkt_time":1686268741318193,"flow_dst_last_pkt_time":1686268741318193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686268741318193,"l3_proto":"ip4","src_ip":"76.45.103.228","dst_ip":"90.111.212.50","src_port":55007,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1473,17 +1473,17 @@ 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":310,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":304,"flow_packet_id":1,"flow_src_last_pkt_time":1686269328666858,"flow_dst_last_pkt_time":1686269328666858,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686269328666858,"pkt":"xmjqc4OdPJTVQTiBCABFAABLWZ4AACcReX7adoNxunDKNSGuAasANw2BAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":310,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":304,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686269328666858,"flow_src_last_pkt_time":1686269328666858,"flow_dst_last_pkt_time":1686269328666858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686269328666858,"l3_proto":"ip4","src_ip":"218.118.131.113","dst_ip":"186.112.202.53","src_port":8622,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":311,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":303,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686268741318193,"flow_src_last_pkt_time":1686268741318193,"flow_dst_last_pkt_time":1686268741318193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686269328666858,"l3_proto":"ip4","src_ip":"76.45.103.228","dst_ip":"90.111.212.50","src_port":55007,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":311,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":311,"packets-processed":310,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15980,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":304,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":304,"total-idle-flows":303,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1476,"global_ts_usec":1686271029434310} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":311,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":311,"packets-processed":310,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":15980,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":304,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":304,"total-idle-flows":303,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1476,"global_ts_usec":1686271029434310} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":311,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686271029434310,"flow_src_last_pkt_time":1686271029434310,"flow_dst_last_pkt_time":1686271029434310,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686271029434310,"l3_proto":"ip4","src_ip":"189.229.250.75","dst_ip":"165.114.202.61","src_port":50111,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":311,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":305,"flow_packet_id":1,"flow_src_last_pkt_time":1686271029434310,"flow_dst_last_pkt_time":1686271029434310,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686271029434310,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbHG95fpLpXLKPcO\/AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":311,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686271029434310,"flow_src_last_pkt_time":1686271029434310,"flow_dst_last_pkt_time":1686271029434310,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686271029434310,"l3_proto":"ip4","src_ip":"189.229.250.75","dst_ip":"165.114.202.61","src_port":50111,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":312,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":304,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686269328666858,"flow_src_last_pkt_time":1686269328666858,"flow_dst_last_pkt_time":1686269328666858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686271029434310,"l3_proto":"ip4","src_ip":"218.118.131.113","dst_ip":"186.112.202.53","src_port":8622,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":312,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":312,"packets-processed":311,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16009,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":305,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":305,"total-idle-flows":304,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1481,"global_ts_usec":1686272210557633} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":312,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":312,"packets-processed":311,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16009,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":305,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":305,"total-idle-flows":304,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1481,"global_ts_usec":1686272210557633} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":312,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686272210557633,"flow_src_last_pkt_time":1686272210557633,"flow_dst_last_pkt_time":1686272210557633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686272210557633,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"69.109.187.54","src_port":21256,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":312,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":306,"flow_packet_id":1,"flow_src_last_pkt_time":1686272210557633,"flow_dst_last_pkt_time":1686272210557633,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686272210557633,"pkt":"bpHurUgdPJTVQTiBCABFAABLiBsAACcRSwWlgP10RW27NlMIAasAN9wqAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":312,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686272210557633,"flow_src_last_pkt_time":1686272210557633,"flow_dst_last_pkt_time":1686272210557633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686272210557633,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"69.109.187.54","src_port":21256,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":313,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686271029434310,"flow_src_last_pkt_time":1686271029434310,"flow_dst_last_pkt_time":1686271029434310,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686272210557633,"l3_proto":"ip4","src_ip":"189.229.250.75","dst_ip":"165.114.202.61","src_port":50111,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":313,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":313,"packets-processed":312,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16056,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":306,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":306,"total-idle-flows":305,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1486,"global_ts_usec":1686276490401508} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":313,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":313,"packets-processed":312,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16056,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":306,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":306,"total-idle-flows":305,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1486,"global_ts_usec":1686276490401508} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":313,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686276490401508,"flow_src_last_pkt_time":1686276490401508,"flow_dst_last_pkt_time":1686276490401508,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686276490401508,"l3_proto":"ip4","src_ip":"94.230.158.79","dst_ip":"74.111.203.55","src_port":55750,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":313,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":307,"flow_packet_id":1,"flow_src_last_pkt_time":1686276490401508,"flow_dst_last_pkt_time":1686276490401508,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686276490401508,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPoRbH9e5p5PSm\/LN9nGAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":313,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686276490401508,"flow_src_last_pkt_time":1686276490401508,"flow_dst_last_pkt_time":1686276490401508,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686276490401508,"l3_proto":"ip4","src_ip":"94.230.158.79","dst_ip":"74.111.203.55","src_port":55750,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1492,32 +1492,32 @@ 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":314,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":308,"flow_packet_id":1,"flow_src_last_pkt_time":1686277031596938,"flow_dst_last_pkt_time":1686277031596938,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686277031596938,"pkt":"bs1PogZtPJTVQTiBCABFCABLQa4AACIRiPcj\/EVxWpG0OpLiAasAN47dAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":314,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686277031596938,"flow_src_last_pkt_time":1686277031596938,"flow_dst_last_pkt_time":1686277031596938,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686277031596938,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.145.180.58","src_port":37602,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686276490401508,"flow_src_last_pkt_time":1686276490401508,"flow_dst_last_pkt_time":1686276490401508,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686277031596938,"l3_proto":"ip4","src_ip":"94.230.158.79","dst_ip":"74.111.203.55","src_port":55750,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":315,"packets-processed":314,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16132,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":308,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":308,"total-idle-flows":307,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1495,"global_ts_usec":1686279640620137} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":315,"packets-processed":314,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16132,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":308,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":308,"total-idle-flows":307,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1495,"global_ts_usec":1686279640620137} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686279640620137,"flow_src_last_pkt_time":1686279640620137,"flow_dst_last_pkt_time":1686279640620137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686279640620137,"l3_proto":"ip4","src_ip":"152.255.170.124","dst_ip":"90.147.171.51","src_port":46606,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":309,"flow_packet_id":1,"flow_src_last_pkt_time":1686279640620137,"flow_dst_last_pkt_time":1686279640620137,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686279640620137,"pkt":"AAwp30Y4PJTVQTiBCABFCABL5wQAACIR47OY\/6p8WpOrM7YOAasAN2vEAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686279640620137,"flow_src_last_pkt_time":1686279640620137,"flow_dst_last_pkt_time":1686279640620137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686279640620137,"l3_proto":"ip4","src_ip":"152.255.170.124","dst_ip":"90.147.171.51","src_port":46606,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686277031596938,"flow_src_last_pkt_time":1686277031596938,"flow_dst_last_pkt_time":1686277031596938,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686279640620137,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.145.180.58","src_port":37602,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":316,"packets-processed":315,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16179,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":309,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":309,"total-idle-flows":308,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1500,"global_ts_usec":1686282116013463} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":316,"packets-processed":315,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16179,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":309,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":309,"total-idle-flows":308,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1500,"global_ts_usec":1686282116013463} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686282116013463,"flow_src_last_pkt_time":1686282116013463,"flow_dst_last_pkt_time":1686282116013463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686282116013463,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.114.202.61","src_port":54818,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":310,"flow_packet_id":1,"flow_src_last_pkt_time":1686282116013463,"flow_dst_last_pkt_time":1686282116013463,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686282116013463,"pkt":"AAwp30Y4PJTVQTiBCABFCABSCtkAAGsRC7dDnxCWpXLKPdYiAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686282116013463,"flow_src_last_pkt_time":1686282116013463,"flow_dst_last_pkt_time":1686282116013463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686282116013463,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.114.202.61","src_port":54818,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686279640620137,"flow_src_last_pkt_time":1686279640620137,"flow_dst_last_pkt_time":1686279640620137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686282116013463,"l3_proto":"ip4","src_ip":"152.255.170.124","dst_ip":"90.147.171.51","src_port":46606,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":317,"packets-processed":316,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16233,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":310,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":310,"total-idle-flows":309,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1505,"global_ts_usec":1686283230398748} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":317,"packets-processed":316,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16233,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":310,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":310,"total-idle-flows":309,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1505,"global_ts_usec":1686283230398748} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686283230398748,"flow_src_last_pkt_time":1686283230398748,"flow_dst_last_pkt_time":1686283230398748,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686283230398748,"l3_proto":"ip4","src_ip":"93.26.159.17","dst_ip":"186.112.202.53","src_port":57065,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":311,"flow_packet_id":1,"flow_src_last_pkt_time":1686283230398748,"flow_dst_last_pkt_time":1686283230398748,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686283230398748,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRbUxdGp8RunDKNd7pAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686283230398748,"flow_src_last_pkt_time":1686283230398748,"flow_dst_last_pkt_time":1686283230398748,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686283230398748,"l3_proto":"ip4","src_ip":"93.26.159.17","dst_ip":"186.112.202.53","src_port":57065,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686282116013463,"flow_src_last_pkt_time":1686282116013463,"flow_dst_last_pkt_time":1686282116013463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686283230398748,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.114.202.61","src_port":54818,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":318,"packets-processed":317,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16262,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":311,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":311,"total-idle-flows":310,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1510,"global_ts_usec":1686284127841221} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":318,"packets-processed":317,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16262,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":311,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":311,"total-idle-flows":310,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1510,"global_ts_usec":1686284127841221} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686284127841221,"flow_src_last_pkt_time":1686284127841221,"flow_dst_last_pkt_time":1686284127841221,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686284127841221,"l3_proto":"ip4","src_ip":"217.31.231.255","dst_ip":"90.141.37.56","src_port":49891,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":312,"flow_packet_id":1,"flow_src_last_pkt_time":1686284127841221,"flow_dst_last_pkt_time":1686284127841221,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686284127841221,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPoRbM3ZH+f\/Wo0lOMLjAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686284127841221,"flow_src_last_pkt_time":1686284127841221,"flow_dst_last_pkt_time":1686284127841221,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686284127841221,"l3_proto":"ip4","src_ip":"217.31.231.255","dst_ip":"90.141.37.56","src_port":49891,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":319,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686283230398748,"flow_src_last_pkt_time":1686283230398748,"flow_dst_last_pkt_time":1686283230398748,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686284127841221,"l3_proto":"ip4","src_ip":"93.26.159.17","dst_ip":"186.112.202.53","src_port":57065,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":319,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":319,"packets-processed":318,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16291,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":312,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":312,"total-idle-flows":311,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1515,"global_ts_usec":1686290568082392} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":319,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":319,"packets-processed":318,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16291,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":312,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":312,"total-idle-flows":311,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1515,"global_ts_usec":1686290568082392} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":319,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686290568082392,"flow_src_last_pkt_time":1686290568082392,"flow_dst_last_pkt_time":1686290568082392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686290568082392,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.144.84.62","src_port":12620,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":319,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":313,"flow_packet_id":1,"flow_src_last_pkt_time":1686290568082392,"flow_dst_last_pkt_time":1686290568082392,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686290568082392,"pkt":"AAwp30Y4PJTVQTiBCABFAABScHIAAG0RpCZDnxCWpZBUPjFMAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":319,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686290568082392,"flow_src_last_pkt_time":1686290568082392,"flow_dst_last_pkt_time":1686290568082392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686290568082392,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.144.84.62","src_port":12620,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":320,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686284127841221,"flow_src_last_pkt_time":1686284127841221,"flow_dst_last_pkt_time":1686284127841221,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686290568082392,"l3_proto":"ip4","src_ip":"217.31.231.255","dst_ip":"90.141.37.56","src_port":49891,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":320,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":320,"packets-processed":319,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16345,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":313,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":313,"total-idle-flows":312,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1520,"global_ts_usec":1686292143831347} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":320,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":320,"packets-processed":319,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16345,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":313,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":313,"total-idle-flows":312,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1520,"global_ts_usec":1686292143831347} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":320,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686292143831347,"flow_src_last_pkt_time":1686292143831347,"flow_dst_last_pkt_time":1686292143831347,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686292143831347,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"85.111.52.57","src_port":12480,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00577{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":320,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":314,"flow_packet_id":1,"flow_src_last_pkt_time":1686292143831347,"flow_dst_last_pkt_time":1686292143831347,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686292143831347,"pkt":"moT+\/Ph8PJTVQTiBCABFCABL62sAACIR3z5b\/2t0VW80OTDAAasAN\/EEAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":320,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686292143831347,"flow_src_last_pkt_time":1686292143831347,"flow_dst_last_pkt_time":1686292143831347,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686292143831347,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"85.111.52.57","src_port":12480,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1526,17 +1526,17 @@ 00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":321,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":315,"flow_packet_id":1,"flow_src_last_pkt_time":1686292431165594,"flow_dst_last_pkt_time":1686292431165594,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686292431165594,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPoRXt6v7\/\/ZRW27NtI8AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":321,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686292431165594,"flow_src_last_pkt_time":1686292431165594,"flow_dst_last_pkt_time":1686292431165594,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686292431165594,"l3_proto":"ip4","src_ip":"175.239.255.217","dst_ip":"69.109.187.54","src_port":53820,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":322,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686292143831347,"flow_src_last_pkt_time":1686292143831347,"flow_dst_last_pkt_time":1686292143831347,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686292431165594,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"85.111.52.57","src_port":12480,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":322,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":322,"packets-processed":321,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16421,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":315,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":315,"total-idle-flows":314,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1529,"global_ts_usec":1686295204381615} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":322,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":322,"packets-processed":321,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16421,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":315,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":315,"total-idle-flows":314,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1529,"global_ts_usec":1686295204381615} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":322,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686295204381615,"flow_src_last_pkt_time":1686295204381615,"flow_dst_last_pkt_time":1686295204381615,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686295204381615,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"90.145.180.58","src_port":53644,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":322,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":316,"flow_packet_id":1,"flow_src_last_pkt_time":1686295204381615,"flow_dst_last_pkt_time":1686295204381615,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686295204381615,"pkt":"bs1PogZtPJTVQTiBCABFCABSvkIAAGsRWFBDnxCWWpG0OtGMAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":322,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686295204381615,"flow_src_last_pkt_time":1686295204381615,"flow_dst_last_pkt_time":1686295204381615,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686295204381615,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"90.145.180.58","src_port":53644,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":323,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686292431165594,"flow_src_last_pkt_time":1686292431165594,"flow_dst_last_pkt_time":1686292431165594,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686295204381615,"l3_proto":"ip4","src_ip":"175.239.255.217","dst_ip":"69.109.187.54","src_port":53820,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":323,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":323,"packets-processed":322,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16475,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":316,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":316,"total-idle-flows":315,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1534,"global_ts_usec":1686301765843785} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":323,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":323,"packets-processed":322,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16475,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":316,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":316,"total-idle-flows":315,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1534,"global_ts_usec":1686301765843785} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":323,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686301765843785,"flow_src_last_pkt_time":1686301765843785,"flow_dst_last_pkt_time":1686301765843785,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686301765843785,"l3_proto":"ip4","src_ip":"7.110.179.205","dst_ip":"165.144.84.62","src_port":58317,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":323,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":317,"flow_packet_id":1,"flow_src_last_pkt_time":1686301765843785,"flow_dst_last_pkt_time":1686301765843785,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686301765843785,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+ZMJAADQR\/Z8HbrPNpZBUPuPNAasAKqdQAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":323,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686301765843785,"flow_src_last_pkt_time":1686301765843785,"flow_dst_last_pkt_time":1686301765843785,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686301765843785,"l3_proto":"ip4","src_ip":"7.110.179.205","dst_ip":"165.144.84.62","src_port":58317,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":324,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686295204381615,"flow_src_last_pkt_time":1686295204381615,"flow_dst_last_pkt_time":1686295204381615,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686301765843785,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"90.145.180.58","src_port":53644,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":324,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":324,"packets-processed":323,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16509,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":317,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":317,"total-idle-flows":316,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1539,"global_ts_usec":1686303104961112} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":324,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":324,"packets-processed":323,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16509,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":317,"total-detection-updates":0,"total-updates":54,"current-active-flows":1,"total-active-flows":317,"total-idle-flows":316,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1539,"global_ts_usec":1686303104961112} 00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":324,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303104961112,"flow_src_last_pkt_time":1686303104961112,"flow_dst_last_pkt_time":1686303104961112,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303104961112,"l3_proto":"ip4","src_ip":"201.237.135.210","dst_ip":"165.114.202.61","src_port":37975,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":324,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":318,"flow_packet_id":1,"flow_src_last_pkt_time":1686303104961112,"flow_dst_last_pkt_time":1686303104961112,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686303104961112,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+LXZAADQRNPvJ7YfSpXLKPZRXAasAKvbVAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00949{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":324,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303104961112,"flow_src_last_pkt_time":1686303104961112,"flow_dst_last_pkt_time":1686303104961112,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303104961112,"l3_proto":"ip4","src_ip":"201.237.135.210","dst_ip":"165.114.202.61","src_port":37975,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1545,13 +1545,13 @@ 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":325,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":319,"flow_packet_id":1,"flow_src_last_pkt_time":1686303160580622,"flow_dst_last_pkt_time":1686303160580622,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686303160580622,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+Py1AADQRI2U5ooDqVW80OflAAasAKpINAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":325,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303160580622,"flow_src_last_pkt_time":1686303160580622,"flow_dst_last_pkt_time":1686303160580622,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303160580622,"l3_proto":"ip4","src_ip":"57.162.128.234","dst_ip":"85.111.52.57","src_port":63808,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00990{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":326,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303104961112,"flow_src_last_pkt_time":1686303104961112,"flow_dst_last_pkt_time":1686303104961112,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303160580622,"l3_proto":"ip4","src_ip":"201.237.135.210","dst_ip":"165.114.202.61","src_port":37975,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":326,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":326,"packets-processed":325,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16577,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":319,"total-detection-updates":0,"total-updates":55,"current-active-flows":2,"total-active-flows":319,"total-idle-flows":317,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1548,"global_ts_usec":1686303829470774} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":326,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":326,"packets-processed":325,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16577,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":319,"total-detection-updates":0,"total-updates":55,"current-active-flows":2,"total-active-flows":319,"total-idle-flows":317,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1548,"global_ts_usec":1686303829470774} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":326,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303829470774,"flow_src_last_pkt_time":1686303829470774,"flow_dst_last_pkt_time":1686303829470774,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303829470774,"l3_proto":"ip4","src_ip":"120.46.80.212","dst_ip":"74.111.203.55","src_port":60012,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":326,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":320,"flow_packet_id":1,"flow_src_last_pkt_time":1686303829470774,"flow_dst_last_pkt_time":1686303829470774,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686303829470774,"pkt":"ipffLU2SPJTVQTiBCABFAAA+mKZAADQRydB4LlDUSm\/LN+psAasAKqDGAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":326,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303829470774,"flow_src_last_pkt_time":1686303829470774,"flow_dst_last_pkt_time":1686303829470774,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303829470774,"l3_proto":"ip4","src_ip":"120.46.80.212","dst_ip":"74.111.203.55","src_port":60012,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303160580622,"flow_src_last_pkt_time":1686303160580622,"flow_dst_last_pkt_time":1686303160580622,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303829470774,"l3_proto":"ip4","src_ip":"57.162.128.234","dst_ip":"85.111.52.57","src_port":63808,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686303104961112,"flow_src_last_pkt_time":1686303104961112,"flow_dst_last_pkt_time":1686303104961112,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686303829470774,"l3_proto":"ip4","src_ip":"201.237.135.210","dst_ip":"165.114.202.61","src_port":37975,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":327,"packets-processed":326,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16611,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":320,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":320,"total-idle-flows":319,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1554,"global_ts_usec":1686304502775958} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":327,"packets-processed":326,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16611,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":320,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":320,"total-idle-flows":319,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1554,"global_ts_usec":1686304502775958} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686304502775958,"flow_src_last_pkt_time":1686304502775958,"flow_dst_last_pkt_time":1686304502775958,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686304502775958,"l3_proto":"ip4","src_ip":"57.162.128.234","dst_ip":"69.109.187.54","src_port":48188,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":321,"flow_packet_id":1,"flow_src_last_pkt_time":1686304502775958,"flow_dst_last_pkt_time":1686304502775958,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686304502775958,"pkt":"bpHurUgdPJTVQTiBCABFAAA+ef9AADQR6JY5ooDqRW27Nrw8AasAKs8VAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686304502775958,"flow_src_last_pkt_time":1686304502775958,"flow_dst_last_pkt_time":1686304502775958,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686304502775958,"l3_proto":"ip4","src_ip":"57.162.128.234","dst_ip":"69.109.187.54","src_port":48188,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1560,7 +1560,7 @@ 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":328,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":322,"flow_packet_id":1,"flow_src_last_pkt_time":1686304868179785,"flow_dst_last_pkt_time":1686304868179785,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686304868179785,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+RtxAADQRG7c5ooDqWo0lOEzRAasAKj5+AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":328,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686304868179785,"flow_src_last_pkt_time":1686304868179785,"flow_dst_last_pkt_time":1686304868179785,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686304868179785,"l3_proto":"ip4","src_ip":"57.162.128.234","dst_ip":"90.141.37.56","src_port":19665,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":329,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686304502775958,"flow_src_last_pkt_time":1686304502775958,"flow_dst_last_pkt_time":1686304502775958,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686304868179785,"l3_proto":"ip4","src_ip":"57.162.128.234","dst_ip":"69.109.187.54","src_port":48188,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":329,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":329,"packets-processed":328,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16679,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":322,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":322,"total-idle-flows":321,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1563,"global_ts_usec":1686305286126745} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":329,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":329,"packets-processed":328,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16679,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":322,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":322,"total-idle-flows":321,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1563,"global_ts_usec":1686305286126745} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":329,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686305286126745,"flow_src_last_pkt_time":1686305286126745,"flow_dst_last_pkt_time":1686305286126745,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686305286126745,"l3_proto":"ip4","src_ip":"201.237.135.210","dst_ip":"90.145.180.58","src_port":6545,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":329,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":323,"flow_packet_id":1,"flow_src_last_pkt_time":1686305286126745,"flow_dst_last_pkt_time":1686305286126745,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686305286126745,"pkt":"bs1PogZtPJTVQTiBCABFAAA+FfdAADQRTH3J7YfSWpG0OhmRAasAKnGfAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":329,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686305286126745,"flow_src_last_pkt_time":1686305286126745,"flow_dst_last_pkt_time":1686305286126745,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686305286126745,"l3_proto":"ip4","src_ip":"201.237.135.210","dst_ip":"90.145.180.58","src_port":6545,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1572,23 +1572,23 @@ 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":331,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":325,"flow_packet_id":1,"flow_src_last_pkt_time":1686305544554511,"flow_dst_last_pkt_time":1686305544554511,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686305544554511,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+PF5AADQRJgP3XbfFunDKNSAVAasAKmsIAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":331,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686305544554511,"flow_src_last_pkt_time":1686305544554511,"flow_dst_last_pkt_time":1686305544554511,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686305544554511,"l3_proto":"ip4","src_ip":"247.93.183.197","dst_ip":"186.112.202.53","src_port":8213,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":332,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686305286126745,"flow_src_last_pkt_time":1686305286126745,"flow_dst_last_pkt_time":1686305286126745,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686305544554511,"l3_proto":"ip4","src_ip":"201.237.135.210","dst_ip":"90.145.180.58","src_port":6545,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":332,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":332,"packets-processed":331,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16781,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":325,"total-detection-updates":0,"total-updates":55,"current-active-flows":2,"total-active-flows":325,"total-idle-flows":323,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1575,"global_ts_usec":1686312624909971} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":332,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":332,"packets-processed":331,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16781,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":325,"total-detection-updates":0,"total-updates":55,"current-active-flows":2,"total-active-flows":325,"total-idle-flows":323,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1575,"global_ts_usec":1686312624909971} 00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":332,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686312624909971,"flow_src_last_pkt_time":1686312624909971,"flow_dst_last_pkt_time":1686312624909971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686312624909971,"l3_proto":"ip4","src_ip":"37.97.4.125","dst_ip":"90.141.37.56","src_port":16072,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":332,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":326,"flow_packet_id":1,"flow_src_last_pkt_time":1686312624909971,"flow_dst_last_pkt_time":1686312624909971,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686312624909971,"pkt":"3jHC4dyOPJTVQTiBCABFAABLr5UAACcRI44lYQR9Wo0lOD7IAasAN\/BtAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00943{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":332,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686312624909971,"flow_src_last_pkt_time":1686312624909971,"flow_dst_last_pkt_time":1686312624909971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686312624909971,"l3_proto":"ip4","src_ip":"37.97.4.125","dst_ip":"90.141.37.56","src_port":16072,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686305534685025,"flow_src_last_pkt_time":1686305534685025,"flow_dst_last_pkt_time":1686305534685025,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686312624909971,"l3_proto":"ip4","src_ip":"247.93.183.197","dst_ip":"90.147.171.51","src_port":10997,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686305544554511,"flow_src_last_pkt_time":1686305544554511,"flow_dst_last_pkt_time":1686305544554511,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686312624909971,"l3_proto":"ip4","src_ip":"247.93.183.197","dst_ip":"186.112.202.53","src_port":8213,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":333,"packets-processed":332,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16828,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":326,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":326,"total-idle-flows":325,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1581,"global_ts_usec":1686321706660675} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":333,"packets-processed":332,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16828,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":326,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":326,"total-idle-flows":325,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1581,"global_ts_usec":1686321706660675} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686321706660675,"flow_src_last_pkt_time":1686321706660675,"flow_dst_last_pkt_time":1686321706660675,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686321706660675,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"85.111.52.57","src_port":34761,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":327,"flow_packet_id":1,"flow_src_last_pkt_time":1686321706660675,"flow_dst_last_pkt_time":1686321706660675,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686321706660675,"pkt":"moT+\/Ph8PJTVQTiBCABFAAB+1DEAAPMRCZD2S2hzVW80OYfJAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686321706660675,"flow_src_last_pkt_time":1686321706660675,"flow_dst_last_pkt_time":1686321706660675,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686321706660675,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"85.111.52.57","src_port":34761,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00982{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686312624909971,"flow_src_last_pkt_time":1686312624909971,"flow_dst_last_pkt_time":1686312624909971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686321706660675,"l3_proto":"ip4","src_ip":"37.97.4.125","dst_ip":"90.141.37.56","src_port":16072,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":334,"packets-processed":333,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16926,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":327,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":327,"total-idle-flows":326,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1586,"global_ts_usec":1686324009293668} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":334,"packets-processed":333,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":16926,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":327,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":327,"total-idle-flows":326,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1586,"global_ts_usec":1686324009293668} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324009293668,"flow_src_last_pkt_time":1686324009293668,"flow_dst_last_pkt_time":1686324009293668,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686324009293668,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.141.37.56","src_port":51620,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":328,"flow_packet_id":1,"flow_src_last_pkt_time":1686324009293668,"flow_dst_last_pkt_time":1686324009293668,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686324009293668,"pkt":"3jHC4dyOPJTVQTiBCABFCAB+1DEAAO0REAO2tHiLWo0lOMmkAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324009293668,"flow_src_last_pkt_time":1686324009293668,"flow_dst_last_pkt_time":1686324009293668,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686324009293668,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"90.141.37.56","src_port":51620,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":335,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686321706660675,"flow_src_last_pkt_time":1686321706660675,"flow_dst_last_pkt_time":1686321706660675,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686324009293668,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"85.111.52.57","src_port":34761,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":335,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":335,"packets-processed":334,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17024,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":328,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":328,"total-idle-flows":327,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1591,"global_ts_usec":1686324751894084} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":335,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":335,"packets-processed":334,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17024,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":328,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":328,"total-idle-flows":327,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1591,"global_ts_usec":1686324751894084} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":335,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324751894084,"flow_src_last_pkt_time":1686324751894084,"flow_dst_last_pkt_time":1686324751894084,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686324751894084,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"90.145.180.58","src_port":41843,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":335,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":329,"flow_packet_id":1,"flow_src_last_pkt_time":1686324751894084,"flow_dst_last_pkt_time":1686324751894084,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686324751894084,"pkt":"bs1PogZtPJTVQTiBCABFCAB+1DEAAO0RqigTY5KcWpG0OqNzAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":335,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324751894084,"flow_src_last_pkt_time":1686324751894084,"flow_dst_last_pkt_time":1686324751894084,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686324751894084,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"90.145.180.58","src_port":41843,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1596,28 +1596,28 @@ 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":336,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324780665773,"flow_src_last_pkt_time":1686324780665773,"flow_dst_last_pkt_time":1686324780665773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686324780665773,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.111.212.50","src_port":29266,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00577{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":336,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":330,"flow_packet_id":1,"flow_src_last_pkt_time":1686324780665773,"flow_dst_last_pkt_time":1686324780665773,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686324780665773,"pkt":"AAwp30Y4PJTVQTiBCABFAABL\/uwAACcR1DRiZ\/1zWm\/UMnJSAasAN7zhAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":336,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324780665773,"flow_src_last_pkt_time":1686324780665773,"flow_dst_last_pkt_time":1686324780665773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686324780665773,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.111.212.50","src_port":29266,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":337,"packets-processed":336,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17169,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":330,"total-detection-updates":0,"total-updates":55,"current-active-flows":2,"total-active-flows":330,"total-idle-flows":328,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1599,"global_ts_usec":1686325702442238} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":337,"packets-processed":336,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17169,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":330,"total-detection-updates":0,"total-updates":55,"current-active-flows":2,"total-active-flows":330,"total-idle-flows":328,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1599,"global_ts_usec":1686325702442238} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686325702442238,"flow_src_last_pkt_time":1686325702442238,"flow_dst_last_pkt_time":1686325702442238,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686325702442238,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.111.212.50","src_port":34997,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":331,"flow_packet_id":1,"flow_src_last_pkt_time":1686325702442238,"flow_dst_last_pkt_time":1686325702442238,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686325702442238,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRCZXItJByWm\/UMoi1AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686325702442238,"flow_src_last_pkt_time":1686325702442238,"flow_dst_last_pkt_time":1686325702442238,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686325702442238,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.111.212.50","src_port":34997,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":338,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324751894084,"flow_src_last_pkt_time":1686324751894084,"flow_dst_last_pkt_time":1686324751894084,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686325702442238,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"90.145.180.58","src_port":41843,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":338,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686324780665773,"flow_src_last_pkt_time":1686324780665773,"flow_dst_last_pkt_time":1686324780665773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686325702442238,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.111.212.50","src_port":29266,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":338,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":338,"packets-processed":337,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17267,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":331,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":331,"total-idle-flows":330,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1605,"global_ts_usec":1686326962813579} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":338,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":338,"packets-processed":337,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17267,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":331,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":331,"total-idle-flows":330,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1605,"global_ts_usec":1686326962813579} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":338,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686326962813579,"flow_src_last_pkt_time":1686326962813579,"flow_dst_last_pkt_time":1686326962813579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686326962813579,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.147.171.51","src_port":32881,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":338,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":332,"flow_packet_id":1,"flow_src_last_pkt_time":1686326962813579,"flow_dst_last_pkt_time":1686326962813579,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686326962813579,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRCZbItJByWpOrM4BxAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":338,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686326962813579,"flow_src_last_pkt_time":1686326962813579,"flow_dst_last_pkt_time":1686326962813579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686326962813579,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.147.171.51","src_port":32881,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":339,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686325702442238,"flow_src_last_pkt_time":1686325702442238,"flow_dst_last_pkt_time":1686325702442238,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686326962813579,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.111.212.50","src_port":34997,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":339,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":339,"packets-processed":338,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17365,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":332,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":332,"total-idle-flows":331,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1610,"global_ts_usec":1686329069716669} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":339,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":339,"packets-processed":338,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17365,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":332,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":332,"total-idle-flows":331,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1610,"global_ts_usec":1686329069716669} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":339,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686329069716669,"flow_src_last_pkt_time":1686329069716669,"flow_dst_last_pkt_time":1686329069716669,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686329069716669,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"165.144.84.62","src_port":36679,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":339,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":333,"flow_packet_id":1,"flow_src_last_pkt_time":1686329069716669,"flow_dst_last_pkt_time":1686329069716669,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686329069716669,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRCYvItJBypZBUPo9HAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":339,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686329069716669,"flow_src_last_pkt_time":1686329069716669,"flow_dst_last_pkt_time":1686329069716669,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686329069716669,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"165.144.84.62","src_port":36679,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":340,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686326962813579,"flow_src_last_pkt_time":1686326962813579,"flow_dst_last_pkt_time":1686326962813579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686329069716669,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.147.171.51","src_port":32881,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":340,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":340,"packets-processed":339,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17463,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":333,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":333,"total-idle-flows":332,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1615,"global_ts_usec":1686330200907102} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":340,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":340,"packets-processed":339,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17463,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":333,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":333,"total-idle-flows":332,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1615,"global_ts_usec":1686330200907102} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":340,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686330200907102,"flow_src_last_pkt_time":1686330200907102,"flow_dst_last_pkt_time":1686330200907102,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686330200907102,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"186.112.202.53","src_port":50741,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":340,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":334,"flow_packet_id":1,"flow_src_last_pkt_time":1686330200907102,"flow_dst_last_pkt_time":1686330200907102,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686330200907102,"pkt":"xmjqc4OdPJTVQTiBCABFCAB+1DEAAO0RqigTnLybunDKNcY1AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":340,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686330200907102,"flow_src_last_pkt_time":1686330200907102,"flow_dst_last_pkt_time":1686330200907102,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686330200907102,"l3_proto":"ip4","src_ip":"19.156.188.155","dst_ip":"186.112.202.53","src_port":50741,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":341,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686329069716669,"flow_src_last_pkt_time":1686329069716669,"flow_dst_last_pkt_time":1686329069716669,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686330200907102,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"165.144.84.62","src_port":36679,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":341,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":341,"packets-processed":340,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17561,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":334,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":334,"total-idle-flows":333,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1620,"global_ts_usec":1686331103032820} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":341,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":341,"packets-processed":340,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17561,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":334,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":334,"total-idle-flows":333,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1620,"global_ts_usec":1686331103032820} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":341,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686331103032820,"flow_src_last_pkt_time":1686331103032820,"flow_dst_last_pkt_time":1686331103032820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686331103032820,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"69.109.187.54","src_port":52293,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":341,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":335,"flow_packet_id":1,"flow_src_last_pkt_time":1686331103032820,"flow_dst_last_pkt_time":1686331103032820,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686331103032820,"pkt":"bpHurUgdPJTVQTiBCABFCAB+1DEAAO0REA2GtJCVRW27NsxFAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":341,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686331103032820,"flow_src_last_pkt_time":1686331103032820,"flow_dst_last_pkt_time":1686331103032820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686331103032820,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"69.109.187.54","src_port":52293,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1626,12 +1626,12 @@ 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":342,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":336,"flow_packet_id":1,"flow_src_last_pkt_time":1686331598448412,"flow_dst_last_pkt_time":1686331598448412,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686331598448412,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAPMRCZTItJBySm\/LN99gAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":342,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686331598448412,"flow_src_last_pkt_time":1686331598448412,"flow_dst_last_pkt_time":1686331598448412,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686331598448412,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"74.111.203.55","src_port":57184,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":343,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686331103032820,"flow_src_last_pkt_time":1686331103032820,"flow_dst_last_pkt_time":1686331103032820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686331598448412,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"69.109.187.54","src_port":52293,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":343,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":343,"packets-processed":342,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17757,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":336,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":336,"total-idle-flows":335,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1629,"global_ts_usec":1686332169029831} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":343,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":343,"packets-processed":342,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17757,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":336,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":336,"total-idle-flows":335,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1629,"global_ts_usec":1686332169029831} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":343,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686332169029831,"flow_src_last_pkt_time":1686332169029831,"flow_dst_last_pkt_time":1686332169029831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686332169029831,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"165.114.202.61","src_port":54751,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":343,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":337,"flow_packet_id":1,"flow_src_last_pkt_time":1686332169029831,"flow_dst_last_pkt_time":1686332169029831,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686332169029831,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAO0RqhguZGGTpXLKPdXfAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":343,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686332169029831,"flow_src_last_pkt_time":1686332169029831,"flow_dst_last_pkt_time":1686332169029831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686332169029831,"l3_proto":"ip4","src_ip":"46.100.97.147","dst_ip":"165.114.202.61","src_port":54751,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":344,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686331598448412,"flow_src_last_pkt_time":1686331598448412,"flow_dst_last_pkt_time":1686331598448412,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686332169029831,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"74.111.203.55","src_port":57184,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":344,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":344,"packets-processed":343,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17855,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":337,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":337,"total-idle-flows":336,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1634,"global_ts_usec":1686334800212088} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":344,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":344,"packets-processed":343,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17855,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":337,"total-detection-updates":0,"total-updates":55,"current-active-flows":1,"total-active-flows":337,"total-idle-flows":336,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1634,"global_ts_usec":1686334800212088} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":344,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334800212088,"flow_src_last_pkt_time":1686334800212088,"flow_dst_last_pkt_time":1686334800212088,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334800212088,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"90.147.171.51","src_port":58914,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":344,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":338,"flow_packet_id":1,"flow_src_last_pkt_time":1686334800212088,"flow_dst_last_pkt_time":1686334800212088,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686334800212088,"pkt":"AAwp30Y4PJTVQTiBCABFAABSPDMAAOoRJurHERCvWpOrM+YiAasAPi4OAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":344,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334800212088,"flow_src_last_pkt_time":1686334800212088,"flow_dst_last_pkt_time":1686334800212088,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334800212088,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"90.147.171.51","src_port":58914,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1650,7 +1650,7 @@ 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":348,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334859871850,"flow_src_last_pkt_time":1686334859871850,"flow_dst_last_pkt_time":1686334859871850,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334859871850,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"90.111.212.50","src_port":58914,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334800212088,"flow_src_last_pkt_time":1686334800212088,"flow_dst_last_pkt_time":1686334800212088,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334859871850,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"90.147.171.51","src_port":58914,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686334813478068,"flow_src_last_pkt_time":1686334813478068,"flow_dst_last_pkt_time":1686334813478068,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686334859871850,"l3_proto":"ip4","src_ip":"199.17.16.175","dst_ip":"165.114.202.61","src_port":58914,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":349,"packets-processed":348,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18125,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":342,"total-detection-updates":0,"total-updates":57,"current-active-flows":5,"total-active-flows":342,"total-idle-flows":337,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1653,"global_ts_usec":1686335939300740} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":349,"packets-processed":348,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18125,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":342,"total-detection-updates":0,"total-updates":57,"current-active-flows":5,"total-active-flows":342,"total-idle-flows":337,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1653,"global_ts_usec":1686335939300740} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686335939300740,"flow_src_last_pkt_time":1686335939300740,"flow_dst_last_pkt_time":1686335939300740,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686335939300740,"l3_proto":"ip4","src_ip":"198.215.2.104","dst_ip":"165.114.202.61","src_port":55462,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":343,"flow_packet_id":1,"flow_src_last_pkt_time":1686335939300740,"flow_dst_last_pkt_time":1686335939300740,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686335939300740,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbZXG1wJopXLKPdimAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686335939300740,"flow_src_last_pkt_time":1686335939300740,"flow_dst_last_pkt_time":1686335939300740,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686335939300740,"l3_proto":"ip4","src_ip":"198.215.2.104","dst_ip":"165.114.202.61","src_port":55462,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1663,37 +1663,37 @@ 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":350,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":344,"flow_packet_id":1,"flow_src_last_pkt_time":1686336218624230,"flow_dst_last_pkt_time":1686336218624230,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686336218624230,"pkt":"AAwp30Y4PJTVQTiBCABFCABLMOwAACQRk3IbhqncpXLKPdPLAasAN0mtAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":350,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686336218624230,"flow_src_last_pkt_time":1686336218624230,"flow_dst_last_pkt_time":1686336218624230,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686336218624230,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"165.114.202.61","src_port":54219,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686335939300740,"flow_src_last_pkt_time":1686335939300740,"flow_dst_last_pkt_time":1686335939300740,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686336218624230,"l3_proto":"ip4","src_ip":"198.215.2.104","dst_ip":"165.114.202.61","src_port":55462,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":351,"packets-processed":350,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18201,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":344,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":344,"total-idle-flows":343,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1666,"global_ts_usec":1686337417264371} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":351,"packets-processed":350,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18201,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":344,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":344,"total-idle-flows":343,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1666,"global_ts_usec":1686337417264371} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686337417264371,"flow_src_last_pkt_time":1686337417264371,"flow_dst_last_pkt_time":1686337417264371,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686337417264371,"l3_proto":"ip4","src_ip":"80.16.56.40","dst_ip":"74.111.203.55","src_port":49864,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":1,"flow_src_last_pkt_time":1686337417264371,"flow_dst_last_pkt_time":1686337417264371,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686337417264371,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPkRX4BQEDgoSm\/LN8LIAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686337417264371,"flow_src_last_pkt_time":1686337417264371,"flow_dst_last_pkt_time":1686337417264371,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686337417264371,"l3_proto":"ip4","src_ip":"80.16.56.40","dst_ip":"74.111.203.55","src_port":49864,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686336218624230,"flow_src_last_pkt_time":1686336218624230,"flow_dst_last_pkt_time":1686336218624230,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686337417264371,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"165.114.202.61","src_port":54219,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":352,"packets-processed":351,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18230,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":345,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":345,"total-idle-flows":344,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1671,"global_ts_usec":1686348943265542} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":352,"packets-processed":351,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18230,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":345,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":345,"total-idle-flows":344,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1671,"global_ts_usec":1686348943265542} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686348943265542,"flow_src_last_pkt_time":1686348943265542,"flow_dst_last_pkt_time":1686348943265542,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686348943265542,"l3_proto":"ip4","src_ip":"206.240.152.225","dst_ip":"90.145.180.58","src_port":52955,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":346,"flow_packet_id":1,"flow_src_last_pkt_time":1686348943265542,"flow_dst_last_pkt_time":1686348943265542,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686348943265542,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPkRX\/PO8JjhWpG0Os7bAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686348943265542,"flow_src_last_pkt_time":1686348943265542,"flow_dst_last_pkt_time":1686348943265542,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686348943265542,"l3_proto":"ip4","src_ip":"206.240.152.225","dst_ip":"90.145.180.58","src_port":52955,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":353,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686337417264371,"flow_src_last_pkt_time":1686337417264371,"flow_dst_last_pkt_time":1686337417264371,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686348943265542,"l3_proto":"ip4","src_ip":"80.16.56.40","dst_ip":"74.111.203.55","src_port":49864,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":353,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":353,"packets-processed":352,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18259,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":346,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":346,"total-idle-flows":345,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1676,"global_ts_usec":1686352403512683} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":353,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":353,"packets-processed":352,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18259,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":346,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":346,"total-idle-flows":345,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1676,"global_ts_usec":1686352403512683} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":353,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686352403512683,"flow_src_last_pkt_time":1686352403512683,"flow_dst_last_pkt_time":1686352403512683,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686352403512683,"l3_proto":"ip4","src_ip":"172.206.191.39","dst_ip":"165.144.84.62","src_port":55684,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":353,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":347,"flow_packet_id":1,"flow_src_last_pkt_time":1686352403512683,"flow_dst_last_pkt_time":1686352403512683,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686352403512683,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXnuszr8npZBUPtmEAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":353,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686352403512683,"flow_src_last_pkt_time":1686352403512683,"flow_dst_last_pkt_time":1686352403512683,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686352403512683,"l3_proto":"ip4","src_ip":"172.206.191.39","dst_ip":"165.144.84.62","src_port":55684,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":354,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686348943265542,"flow_src_last_pkt_time":1686348943265542,"flow_dst_last_pkt_time":1686348943265542,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686352403512683,"l3_proto":"ip4","src_ip":"206.240.152.225","dst_ip":"90.145.180.58","src_port":52955,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":354,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":354,"packets-processed":353,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18288,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":347,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":347,"total-idle-flows":346,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1681,"global_ts_usec":1686355642711445} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":354,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":354,"packets-processed":353,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18288,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":347,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":347,"total-idle-flows":346,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1681,"global_ts_usec":1686355642711445} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":354,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686355642711445,"flow_src_last_pkt_time":1686355642711445,"flow_dst_last_pkt_time":1686355642711445,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686355642711445,"l3_proto":"ip4","src_ip":"175.206.31.84","dst_ip":"69.109.187.54","src_port":52553,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":354,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":348,"flow_packet_id":1,"flow_src_last_pkt_time":1686355642711445,"flow_dst_last_pkt_time":1686355642711445,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686355642711445,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPkRX5yvzh9URW27Ns1JAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":354,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686355642711445,"flow_src_last_pkt_time":1686355642711445,"flow_dst_last_pkt_time":1686355642711445,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686355642711445,"l3_proto":"ip4","src_ip":"175.206.31.84","dst_ip":"69.109.187.54","src_port":52553,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":355,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686352403512683,"flow_src_last_pkt_time":1686352403512683,"flow_dst_last_pkt_time":1686352403512683,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686355642711445,"l3_proto":"ip4","src_ip":"172.206.191.39","dst_ip":"165.144.84.62","src_port":55684,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":355,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":355,"packets-processed":354,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18317,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":348,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":348,"total-idle-flows":347,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1686,"global_ts_usec":1686356686492578} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":355,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":355,"packets-processed":354,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18317,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":348,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":348,"total-idle-flows":347,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1686,"global_ts_usec":1686356686492578} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":355,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686356686492578,"flow_src_last_pkt_time":1686356686492578,"flow_dst_last_pkt_time":1686356686492578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686356686492578,"l3_proto":"ip4","src_ip":"80.51.127.74","dst_ip":"85.111.52.57","src_port":54217,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":355,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":349,"flow_packet_id":1,"flow_src_last_pkt_time":1686356686492578,"flow_dst_last_pkt_time":1686356686492578,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686356686492578,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPoRXo5QM39KVW80OdPJAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":355,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686356686492578,"flow_src_last_pkt_time":1686356686492578,"flow_dst_last_pkt_time":1686356686492578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686356686492578,"l3_proto":"ip4","src_ip":"80.51.127.74","dst_ip":"85.111.52.57","src_port":54217,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686355642711445,"flow_src_last_pkt_time":1686355642711445,"flow_dst_last_pkt_time":1686355642711445,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686356686492578,"l3_proto":"ip4","src_ip":"175.206.31.84","dst_ip":"69.109.187.54","src_port":52553,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":356,"packets-processed":355,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18346,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":349,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":349,"total-idle-flows":348,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1691,"global_ts_usec":1686361225400035} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":356,"packets-processed":355,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18346,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":349,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":349,"total-idle-flows":348,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1691,"global_ts_usec":1686361225400035} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686361225400035,"flow_src_last_pkt_time":1686361225400035,"flow_dst_last_pkt_time":1686361225400035,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686361225400035,"l3_proto":"ip4","src_ip":"198.23.89.28","dst_ip":"186.112.202.53","src_port":51231,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":350,"flow_packet_id":1,"flow_src_last_pkt_time":1686361225400035,"flow_dst_last_pkt_time":1686361225400035,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686361225400035,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRbUHGF1kcunDKNcgfAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686361225400035,"flow_src_last_pkt_time":1686361225400035,"flow_dst_last_pkt_time":1686361225400035,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686361225400035,"l3_proto":"ip4","src_ip":"198.23.89.28","dst_ip":"186.112.202.53","src_port":51231,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":357,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686356686492578,"flow_src_last_pkt_time":1686356686492578,"flow_dst_last_pkt_time":1686356686492578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686361225400035,"l3_proto":"ip4","src_ip":"80.51.127.74","dst_ip":"85.111.52.57","src_port":54217,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":357,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":357,"packets-processed":356,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18375,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":350,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":350,"total-idle-flows":349,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1696,"global_ts_usec":1686376742132232} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":357,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":357,"packets-processed":356,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18375,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":350,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":350,"total-idle-flows":349,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1696,"global_ts_usec":1686376742132232} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":357,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":351,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686376742132232,"flow_src_last_pkt_time":1686376742132232,"flow_dst_last_pkt_time":1686376742132232,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686376742132232,"l3_proto":"ip4","src_ip":"98.137.3.114","dst_ip":"74.111.203.55","src_port":25821,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":357,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":351,"flow_packet_id":1,"flow_src_last_pkt_time":1686376742132232,"flow_dst_last_pkt_time":1686376742132232,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686376742132232,"pkt":"ipffLU2SPJTVQTiBCABFAABL5L0AACcR7mFiiQNySm\/LN2TdAasAN8pUAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":357,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":351,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686376742132232,"flow_src_last_pkt_time":1686376742132232,"flow_dst_last_pkt_time":1686376742132232,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686376742132232,"l3_proto":"ip4","src_ip":"98.137.3.114","dst_ip":"74.111.203.55","src_port":25821,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1702,12 +1702,12 @@ 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":358,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":352,"flow_packet_id":1,"flow_src_last_pkt_time":1686377192208651,"flow_dst_last_pkt_time":1686377192208651,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686377192208651,"pkt":"xmjqc4OdPJTVQTiBCABFCABLA5EAACQRwODboGXRunDKNShSAasAN\/U5AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00949{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":358,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":352,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686377192208651,"flow_src_last_pkt_time":1686377192208651,"flow_dst_last_pkt_time":1686377192208651,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686377192208651,"l3_proto":"ip4","src_ip":"219.160.101.209","dst_ip":"186.112.202.53","src_port":10322,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":359,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":351,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686376742132232,"flow_src_last_pkt_time":1686376742132232,"flow_dst_last_pkt_time":1686376742132232,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686377192208651,"l3_proto":"ip4","src_ip":"98.137.3.114","dst_ip":"74.111.203.55","src_port":25821,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":359,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":359,"packets-processed":358,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18469,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":352,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":352,"total-idle-flows":351,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1705,"global_ts_usec":1686378731428268} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":359,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":359,"packets-processed":358,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18469,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":352,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":352,"total-idle-flows":351,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1705,"global_ts_usec":1686378731428268} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":359,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686378731428268,"flow_src_last_pkt_time":1686378731428268,"flow_dst_last_pkt_time":1686378731428268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686378731428268,"l3_proto":"ip4","src_ip":"161.231.128.245","dst_ip":"90.141.37.56","src_port":50837,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":359,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":353,"flow_packet_id":1,"flow_src_last_pkt_time":1686378731428268,"flow_dst_last_pkt_time":1686378731428268,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686378731428268,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPkRbdWh54D1Wo0lOMaVAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":359,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686378731428268,"flow_src_last_pkt_time":1686378731428268,"flow_dst_last_pkt_time":1686378731428268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686378731428268,"l3_proto":"ip4","src_ip":"161.231.128.245","dst_ip":"90.141.37.56","src_port":50837,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":352,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686377192208651,"flow_src_last_pkt_time":1686377192208651,"flow_dst_last_pkt_time":1686377192208651,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686378731428268,"l3_proto":"ip4","src_ip":"219.160.101.209","dst_ip":"186.112.202.53","src_port":10322,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":360,"packets-processed":359,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18498,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":353,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":353,"total-idle-flows":352,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1710,"global_ts_usec":1686384968861051} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":360,"packets-processed":359,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18498,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":353,"total-detection-updates":0,"total-updates":57,"current-active-flows":1,"total-active-flows":353,"total-idle-flows":352,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1710,"global_ts_usec":1686384968861051} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":354,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686384968861051,"flow_src_last_pkt_time":1686384968861051,"flow_dst_last_pkt_time":1686384968861051,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686384968861051,"l3_proto":"ip4","src_ip":"166.191.37.51","dst_ip":"165.114.202.61","src_port":27637,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":354,"flow_packet_id":1,"flow_src_last_pkt_time":1686384968861051,"flow_dst_last_pkt_time":1686384968861051,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686384968861051,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+0ZZAADQRzpamvyUzpXLKPWv1AasAKlz0AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":354,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686384968861051,"flow_src_last_pkt_time":1686384968861051,"flow_dst_last_pkt_time":1686384968861051,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686384968861051,"l3_proto":"ip4","src_ip":"166.191.37.51","dst_ip":"165.114.202.61","src_port":27637,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1715,7 +1715,7 @@ 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":361,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":355,"flow_packet_id":1,"flow_src_last_pkt_time":1686384968861051,"flow_dst_last_pkt_time":1686384968861051,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686384968861051,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+SnBAADQRVctGP9UwWpOrM\/uJAasAKs1tAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":361,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686384968861051,"flow_src_last_pkt_time":1686384968861051,"flow_dst_last_pkt_time":1686384968861051,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686384968861051,"l3_proto":"ip4","src_ip":"70.63.213.48","dst_ip":"90.147.171.51","src_port":64393,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":362,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686378731428268,"flow_src_last_pkt_time":1686378731428268,"flow_dst_last_pkt_time":1686378731428268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686384968861051,"l3_proto":"ip4","src_ip":"161.231.128.245","dst_ip":"90.141.37.56","src_port":50837,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":362,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":362,"packets-processed":361,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18566,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":355,"total-detection-updates":0,"total-updates":57,"current-active-flows":2,"total-active-flows":355,"total-idle-flows":353,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1718,"global_ts_usec":1686385671822712} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":362,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":362,"packets-processed":361,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18566,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":355,"total-detection-updates":0,"total-updates":57,"current-active-flows":2,"total-active-flows":355,"total-idle-flows":353,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1718,"global_ts_usec":1686385671822712} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":362,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686385671822712,"flow_src_last_pkt_time":1686385671822712,"flow_dst_last_pkt_time":1686385671822712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686385671822712,"l3_proto":"ip4","src_ip":"89.198.219.40","dst_ip":"69.109.187.54","src_port":13087,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":362,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":356,"flow_packet_id":1,"flow_src_last_pkt_time":1686385671822712,"flow_dst_last_pkt_time":1686385671822712,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686385671822712,"pkt":"bpHurUgdPJTVQTiBCABFAAA+U4xAADQRTLRZxtsoRW27NjMfAasAKpXdAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":362,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686385671822712,"flow_src_last_pkt_time":1686385671822712,"flow_dst_last_pkt_time":1686385671822712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686385671822712,"l3_proto":"ip4","src_ip":"89.198.219.40","dst_ip":"69.109.187.54","src_port":13087,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1732,7 +1732,7 @@ 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":365,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":359,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386117996493,"flow_src_last_pkt_time":1686386117996493,"flow_dst_last_pkt_time":1686386117996493,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386117996493,"l3_proto":"ip4","src_ip":"166.191.37.51","dst_ip":"186.112.202.53","src_port":27637,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":365,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":359,"flow_packet_id":1,"flow_src_last_pkt_time":1686386117996493,"flow_dst_last_pkt_time":1686386117996493,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686386117996493,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+tYhAADQR6qymvyUzunDKNWv1AasAKlz8AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":365,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":359,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386117996493,"flow_src_last_pkt_time":1686386117996493,"flow_dst_last_pkt_time":1686386117996493,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386117996493,"l3_proto":"ip4","src_ip":"166.191.37.51","dst_ip":"186.112.202.53","src_port":27637,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":366,"packets-processed":365,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18702,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":359,"total-detection-updates":0,"total-updates":58,"current-active-flows":3,"total-active-flows":359,"total-idle-flows":356,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1735,"global_ts_usec":1686386455119430} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":366,"packets-processed":365,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18702,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":359,"total-detection-updates":0,"total-updates":58,"current-active-flows":3,"total-active-flows":359,"total-idle-flows":356,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1735,"global_ts_usec":1686386455119430} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386455119430,"flow_src_last_pkt_time":1686386455119430,"flow_dst_last_pkt_time":1686386455119430,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386455119430,"l3_proto":"ip4","src_ip":"94.70.203.49","dst_ip":"74.111.203.55","src_port":9065,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":360,"flow_packet_id":1,"flow_src_last_pkt_time":1686386455119430,"flow_dst_last_pkt_time":1686386455119430,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686386455119430,"pkt":"ipffLU2SPJTVQTiBCABFAAA+wzhAADQR3P9eRssxSm\/LNyNpAasAKqWLAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386455119430,"flow_src_last_pkt_time":1686386455119430,"flow_dst_last_pkt_time":1686386455119430,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386455119430,"l3_proto":"ip4","src_ip":"94.70.203.49","dst_ip":"74.111.203.55","src_port":9065,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1751,39 +1751,39 @@ 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":369,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386835611315,"flow_src_last_pkt_time":1686386835611315,"flow_dst_last_pkt_time":1686386835611315,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386835611315,"l3_proto":"ip4","src_ip":"185.211.4.13","dst_ip":"90.111.212.50","src_port":55127,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386733673439,"flow_src_last_pkt_time":1686386733673439,"flow_dst_last_pkt_time":1686386733673439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386835611315,"l3_proto":"ip4","src_ip":"166.191.37.51","dst_ip":"165.144.84.62","src_port":27637,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386734896340,"flow_src_last_pkt_time":1686386734896340,"flow_dst_last_pkt_time":1686386734896340,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686386835611315,"l3_proto":"ip4","src_ip":"166.65.42.37","dst_ip":"90.141.37.56","src_port":37412,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":370,"packets-processed":369,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18833,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":363,"total-detection-updates":0,"total-updates":60,"current-active-flows":3,"total-active-flows":363,"total-idle-flows":360,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1754,"global_ts_usec":1686401776042881} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":370,"packets-processed":369,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18833,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":363,"total-detection-updates":0,"total-updates":60,"current-active-flows":3,"total-active-flows":363,"total-idle-flows":360,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1754,"global_ts_usec":1686401776042881} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686401776042881,"flow_src_last_pkt_time":1686401776042881,"flow_dst_last_pkt_time":1686401776042881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686401776042881,"l3_proto":"ip4","src_ip":"100.56.155.112","dst_ip":"90.141.37.56","src_port":12751,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":364,"flow_packet_id":1,"flow_src_last_pkt_time":1686401776042881,"flow_dst_last_pkt_time":1686401776042881,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686401776042881,"pkt":"3jHC4dyOPJTVQTiBCABFCABLnL8AACIRLehkOJtwWo0lODHPAasAN+\/yAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686401776042881,"flow_src_last_pkt_time":1686401776042881,"flow_dst_last_pkt_time":1686401776042881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686401776042881,"l3_proto":"ip4","src_ip":"100.56.155.112","dst_ip":"90.141.37.56","src_port":12751,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386835611315,"flow_src_last_pkt_time":1686386835611315,"flow_dst_last_pkt_time":1686386835611315,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686401776042881,"l3_proto":"ip4","src_ip":"185.211.4.13","dst_ip":"90.111.212.50","src_port":55127,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386733673439,"flow_src_last_pkt_time":1686386733673439,"flow_dst_last_pkt_time":1686386733673439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686401776042881,"l3_proto":"ip4","src_ip":"166.191.37.51","dst_ip":"165.144.84.62","src_port":27637,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686386734896340,"flow_src_last_pkt_time":1686386734896340,"flow_dst_last_pkt_time":1686386734896340,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686401776042881,"l3_proto":"ip4","src_ip":"166.65.42.37","dst_ip":"90.141.37.56","src_port":37412,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":371,"packets-processed":370,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18880,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":364,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":364,"total-idle-flows":363,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1761,"global_ts_usec":1686404500406996} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":371,"packets-processed":370,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18880,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":364,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":364,"total-idle-flows":363,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1761,"global_ts_usec":1686404500406996} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686404500406996,"flow_src_last_pkt_time":1686404500406996,"flow_dst_last_pkt_time":1686404500406996,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686404500406996,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"90.111.212.50","src_port":44046,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":365,"flow_packet_id":1,"flow_src_last_pkt_time":1686404500406996,"flow_dst_last_pkt_time":1686404500406996,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686404500406996,"pkt":"AAwp30Y4PJTVQTiBCABFCABLxOMAACIRBdXjx1p6Wm\/UMqwOAasAN3XEAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686404500406996,"flow_src_last_pkt_time":1686404500406996,"flow_dst_last_pkt_time":1686404500406996,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686404500406996,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"90.111.212.50","src_port":44046,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686401776042881,"flow_src_last_pkt_time":1686401776042881,"flow_dst_last_pkt_time":1686401776042881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686404500406996,"l3_proto":"ip4","src_ip":"100.56.155.112","dst_ip":"90.141.37.56","src_port":12751,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":372,"packets-processed":371,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18927,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":365,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":365,"total-idle-flows":364,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1766,"global_ts_usec":1686408138334214} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":372,"packets-processed":371,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":18927,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":365,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":365,"total-idle-flows":364,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1766,"global_ts_usec":1686408138334214} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686408138334214,"flow_src_last_pkt_time":1686408138334214,"flow_dst_last_pkt_time":1686408138334214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686408138334214,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.147.171.51","src_port":47863,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":366,"flow_packet_id":1,"flow_src_last_pkt_time":1686408138334214,"flow_dst_last_pkt_time":1686408138334214,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686408138334214,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRCZbItJByWpOrM7r3AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686408138334214,"flow_src_last_pkt_time":1686408138334214,"flow_dst_last_pkt_time":1686408138334214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686408138334214,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.147.171.51","src_port":47863,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":373,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686404500406996,"flow_src_last_pkt_time":1686404500406996,"flow_dst_last_pkt_time":1686404500406996,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686408138334214,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"90.111.212.50","src_port":44046,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":373,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":373,"packets-processed":372,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":19025,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":366,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":366,"total-idle-flows":365,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1771,"global_ts_usec":1686409062599010} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":373,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":373,"packets-processed":372,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":19025,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":366,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":366,"total-idle-flows":365,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1771,"global_ts_usec":1686409062599010} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":373,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686409062599010,"flow_src_last_pkt_time":1686409062599010,"flow_dst_last_pkt_time":1686409062599010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686409062599010,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"74.111.203.55","src_port":32952,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":373,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":367,"flow_packet_id":1,"flow_src_last_pkt_time":1686409062599010,"flow_dst_last_pkt_time":1686409062599010,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686409062599010,"pkt":"ipffLU2SPJTVQTiBCABFCAB+1DEAAOsRrC8TY5KcSm\/LN4C4AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":373,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686409062599010,"flow_src_last_pkt_time":1686409062599010,"flow_dst_last_pkt_time":1686409062599010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686409062599010,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"74.111.203.55","src_port":32952,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":374,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686408138334214,"flow_src_last_pkt_time":1686408138334214,"flow_dst_last_pkt_time":1686408138334214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686409062599010,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"90.147.171.51","src_port":47863,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":374,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":374,"packets-processed":373,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":19123,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":367,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":367,"total-idle-flows":366,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1776,"global_ts_usec":1686410047846257} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":374,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":374,"packets-processed":373,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":19123,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":367,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":367,"total-idle-flows":366,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1776,"global_ts_usec":1686410047846257} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":374,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686410047846257,"flow_src_last_pkt_time":1686410047846257,"flow_dst_last_pkt_time":1686410047846257,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686410047846257,"l3_proto":"ip4","src_ip":"209.124.163.157","dst_ip":"69.109.187.54","src_port":55599,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":374,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":368,"flow_packet_id":1,"flow_src_last_pkt_time":1686410047846257,"flow_dst_last_pkt_time":1686410047846257,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686410047846257,"pkt":"bpHurUgdPJTVQTiBCABFCAB+1DEAAOsRrC3RfKOdRW27NtkvAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":374,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686410047846257,"flow_src_last_pkt_time":1686410047846257,"flow_dst_last_pkt_time":1686410047846257,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686410047846257,"l3_proto":"ip4","src_ip":"209.124.163.157","dst_ip":"69.109.187.54","src_port":55599,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686409062599010,"flow_src_last_pkt_time":1686409062599010,"flow_dst_last_pkt_time":1686409062599010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686410047846257,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"74.111.203.55","src_port":32952,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":375,"packets-processed":374,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":19221,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":368,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":368,"total-idle-flows":367,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1781,"global_ts_usec":1686412803511471} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":375,"packets-processed":374,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":19221,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":368,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":368,"total-idle-flows":367,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1781,"global_ts_usec":1686412803511471} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":369,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686412803511471,"flow_src_last_pkt_time":1686412803511471,"flow_dst_last_pkt_time":1686412803511471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686412803511471,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.145.180.58","src_port":54859,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":369,"flow_packet_id":1,"flow_src_last_pkt_time":1686412803511471,"flow_dst_last_pkt_time":1686412803511471,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686412803511471,"pkt":"bs1PogZtPJTVQTiBCABFCABLZYcAACQRXt\/jhlHUWpG0OtZLAasAN0c1AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":369,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686412803511471,"flow_src_last_pkt_time":1686412803511471,"flow_dst_last_pkt_time":1686412803511471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686412803511471,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.145.180.58","src_port":54859,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":376,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686410047846257,"flow_src_last_pkt_time":1686410047846257,"flow_dst_last_pkt_time":1686410047846257,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686412803511471,"l3_proto":"ip4","src_ip":"209.124.163.157","dst_ip":"69.109.187.54","src_port":55599,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":376,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":376,"packets-processed":375,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":19268,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":369,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":369,"total-idle-flows":368,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1786,"global_ts_usec":1686413757609123} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":376,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":376,"packets-processed":375,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":19268,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":369,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":369,"total-idle-flows":368,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1786,"global_ts_usec":1686413757609123} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":376,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":370,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686413757609123,"flow_src_last_pkt_time":1686413757609123,"flow_dst_last_pkt_time":1686413757609123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686413757609123,"l3_proto":"ip4","src_ip":"45.131.161.152","dst_ip":"186.112.202.53","src_port":49844,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":376,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":370,"flow_packet_id":1,"flow_src_last_pkt_time":1686413757609123,"flow_dst_last_pkt_time":1686413757609123,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686413757609123,"pkt":"xmjqc4OdPJTVQTiBCABFCAB+1DEAAOsRrCstg6GYunDKNcK0AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":376,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":370,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686413757609123,"flow_src_last_pkt_time":1686413757609123,"flow_dst_last_pkt_time":1686413757609123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686413757609123,"l3_proto":"ip4","src_ip":"45.131.161.152","dst_ip":"186.112.202.53","src_port":49844,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1792,7 +1792,7 @@ 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":377,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":371,"flow_packet_id":1,"flow_src_last_pkt_time":1686414114295045,"flow_dst_last_pkt_time":1686414114295045,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686414114295045,"pkt":"bs1PogZtPJTVQTiBCABFCAB+1DEAAOsREgeGtJCVWpG0OsMfAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":377,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":371,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686414114295045,"flow_src_last_pkt_time":1686414114295045,"flow_dst_last_pkt_time":1686414114295045,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686414114295045,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"90.145.180.58","src_port":49951,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":378,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":370,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686413757609123,"flow_src_last_pkt_time":1686413757609123,"flow_dst_last_pkt_time":1686413757609123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686414114295045,"l3_proto":"ip4","src_ip":"45.131.161.152","dst_ip":"186.112.202.53","src_port":49844,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":378,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":378,"packets-processed":377,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":19464,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":371,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":371,"total-idle-flows":370,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1795,"global_ts_usec":1686414638495400} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":378,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":378,"packets-processed":377,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":19464,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":371,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":371,"total-idle-flows":370,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1795,"global_ts_usec":1686414638495400} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":378,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":372,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686414638495400,"flow_src_last_pkt_time":1686414638495400,"flow_dst_last_pkt_time":1686414638495400,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686414638495400,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"85.111.52.57","src_port":42561,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":378,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":372,"flow_packet_id":1,"flow_src_last_pkt_time":1686414638495400,"flow_dst_last_pkt_time":1686414638495400,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686414638495400,"pkt":"moT+\/Ph8PJTVQTiBCABFAAB+1DEAAO8RDcy4tKjwVW80OaZBAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":378,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":372,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686414638495400,"flow_src_last_pkt_time":1686414638495400,"flow_dst_last_pkt_time":1686414638495400,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686414638495400,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"85.111.52.57","src_port":42561,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1801,7 +1801,7 @@ 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":379,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":373,"flow_packet_id":1,"flow_src_last_pkt_time":1686415196829472,"flow_dst_last_pkt_time":1686415196829472,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686415196829472,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAOsRrB3SfJyVpZBUPqOnAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":379,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":373,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686415196829472,"flow_src_last_pkt_time":1686415196829472,"flow_dst_last_pkt_time":1686415196829472,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686415196829472,"l3_proto":"ip4","src_ip":"210.124.156.149","dst_ip":"165.144.84.62","src_port":41895,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":380,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":372,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686414638495400,"flow_src_last_pkt_time":1686414638495400,"flow_dst_last_pkt_time":1686414638495400,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686415196829472,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"85.111.52.57","src_port":42561,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":380,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":380,"packets-processed":379,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":19660,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":373,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":373,"total-idle-flows":372,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1804,"global_ts_usec":1686418497785828} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":380,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":380,"packets-processed":379,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":19660,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":373,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":373,"total-idle-flows":372,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1804,"global_ts_usec":1686418497785828} 00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":380,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":374,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686418497785828,"flow_src_last_pkt_time":1686418497785828,"flow_dst_last_pkt_time":1686418497785828,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686418497785828,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.114.202.61","src_port":45313,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":380,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":374,"flow_packet_id":1,"flow_src_last_pkt_time":1686418497785828,"flow_dst_last_pkt_time":1686418497785828,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686418497785828,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAOsREf22tHiLpXLKPbEBAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00949{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":380,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":374,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686418497785828,"flow_src_last_pkt_time":1686418497785828,"flow_dst_last_pkt_time":1686418497785828,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686418497785828,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.114.202.61","src_port":45313,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1810,7 +1810,7 @@ 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":381,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":375,"flow_packet_id":1,"flow_src_last_pkt_time":1686418806265572,"flow_dst_last_pkt_time":1686418806265572,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686418806265572,"pkt":"3jHC4dyOPJTVQTiBCABFCAB+1DEAAOsRrCfQe7CaWo0lOORZAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":381,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":375,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686418806265572,"flow_src_last_pkt_time":1686418806265572,"flow_dst_last_pkt_time":1686418806265572,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686418806265572,"l3_proto":"ip4","src_ip":"208.123.176.154","dst_ip":"90.141.37.56","src_port":58457,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":374,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686418497785828,"flow_src_last_pkt_time":1686418497785828,"flow_dst_last_pkt_time":1686418497785828,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686418806265572,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.114.202.61","src_port":45313,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":382,"packets-processed":381,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":19856,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":375,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":375,"total-idle-flows":374,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1813,"global_ts_usec":1686419691124244} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":382,"packets-processed":381,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":19856,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":375,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":375,"total-idle-flows":374,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1813,"global_ts_usec":1686419691124244} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":376,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686419691124244,"flow_src_last_pkt_time":1686419691124244,"flow_dst_last_pkt_time":1686419691124244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686419691124244,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"85.111.52.57","src_port":38445,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":376,"flow_packet_id":1,"flow_src_last_pkt_time":1686419691124244,"flow_dst_last_pkt_time":1686419691124244,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686419691124244,"pkt":"moT+\/Ph8PJTVQTiBCABFCABLEswAACQRsZcbhqncVW80OZYtAasAN4dQAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":376,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686419691124244,"flow_src_last_pkt_time":1686419691124244,"flow_dst_last_pkt_time":1686419691124244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686419691124244,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"85.111.52.57","src_port":38445,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1819,17 +1819,17 @@ 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":383,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":377,"flow_packet_id":1,"flow_src_last_pkt_time":1686420033978573,"flow_dst_last_pkt_time":1686420033978573,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686420033978573,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAPMRpTTvZI2ZSm\/LN7ntAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":383,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":377,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686420033978573,"flow_src_last_pkt_time":1686420033978573,"flow_dst_last_pkt_time":1686420033978573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686420033978573,"l3_proto":"ip4","src_ip":"239.100.141.153","dst_ip":"74.111.203.55","src_port":47597,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":376,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686419691124244,"flow_src_last_pkt_time":1686419691124244,"flow_dst_last_pkt_time":1686419691124244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686420033978573,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"85.111.52.57","src_port":38445,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":384,"packets-processed":383,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20001,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":377,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":377,"total-idle-flows":376,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1822,"global_ts_usec":1686427429600756} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":384,"packets-processed":383,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20001,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":377,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":377,"total-idle-flows":376,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1822,"global_ts_usec":1686427429600756} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":378,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686427429600756,"flow_src_last_pkt_time":1686427429600756,"flow_dst_last_pkt_time":1686427429600756,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686427429600756,"l3_proto":"ip4","src_ip":"157.121.130.117","dst_ip":"165.144.84.62","src_port":7470,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":378,"flow_packet_id":1,"flow_src_last_pkt_time":1686427429600756,"flow_dst_last_pkt_time":1686427429600756,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686427429600756,"pkt":"AAwp30Y4PJTVQTiBCABFAABLrRoAACYRJv+deYJ1pZBUPh0uAasANxH+AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":378,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686427429600756,"flow_src_last_pkt_time":1686427429600756,"flow_dst_last_pkt_time":1686427429600756,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686427429600756,"l3_proto":"ip4","src_ip":"157.121.130.117","dst_ip":"165.144.84.62","src_port":7470,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":377,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686420033978573,"flow_src_last_pkt_time":1686420033978573,"flow_dst_last_pkt_time":1686420033978573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686427429600756,"l3_proto":"ip4","src_ip":"239.100.141.153","dst_ip":"74.111.203.55","src_port":47597,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":385,"packets-processed":384,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20048,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":378,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":378,"total-idle-flows":377,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1827,"global_ts_usec":1686431866256173} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":385,"packets-processed":384,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20048,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":378,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":378,"total-idle-flows":377,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1827,"global_ts_usec":1686431866256173} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":379,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686431866256173,"flow_src_last_pkt_time":1686431866256173,"flow_dst_last_pkt_time":1686431866256173,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686431866256173,"l3_proto":"ip4","src_ip":"36.231.109.217","dst_ip":"90.111.212.50","src_port":49319,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":379,"flow_packet_id":1,"flow_src_last_pkt_time":1686431866256173,"flow_dst_last_pkt_time":1686431866256173,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686431866256173,"pkt":"AAwp30Y4PJTVQTiBCABFCABLx8kAACQR\/KIk523ZWm\/UMsCnAasAN1zfAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":379,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686431866256173,"flow_src_last_pkt_time":1686431866256173,"flow_dst_last_pkt_time":1686431866256173,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686431866256173,"l3_proto":"ip4","src_ip":"36.231.109.217","dst_ip":"90.111.212.50","src_port":49319,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":378,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686427429600756,"flow_src_last_pkt_time":1686427429600756,"flow_dst_last_pkt_time":1686427429600756,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686431866256173,"l3_proto":"ip4","src_ip":"157.121.130.117","dst_ip":"165.144.84.62","src_port":7470,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":386,"packets-processed":385,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20095,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":379,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":379,"total-idle-flows":378,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1832,"global_ts_usec":1686435052414223} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":386,"packets-processed":385,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20095,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":379,"total-detection-updates":0,"total-updates":60,"current-active-flows":1,"total-active-flows":379,"total-idle-flows":378,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1832,"global_ts_usec":1686435052414223} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":380,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686435052414223,"flow_src_last_pkt_time":1686435052414223,"flow_dst_last_pkt_time":1686435052414223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686435052414223,"l3_proto":"ip4","src_ip":"209.44.167.7","dst_ip":"90.111.212.50","src_port":53096,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":380,"flow_packet_id":1,"flow_src_last_pkt_time":1686435052414223,"flow_dst_last_pkt_time":1686435052414223,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686435052414223,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRX1HRLKcHWm\/UMs9oAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":380,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686435052414223,"flow_src_last_pkt_time":1686435052414223,"flow_dst_last_pkt_time":1686435052414223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686435052414223,"l3_proto":"ip4","src_ip":"209.44.167.7","dst_ip":"90.111.212.50","src_port":53096,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1838,7 +1838,7 @@ 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":387,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":381,"flow_packet_id":1,"flow_src_last_pkt_time":1686435200937981,"flow_dst_last_pkt_time":1686435200937981,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686435200937981,"pkt":"AAwp30Y4PJTVQTiBCABFCABLhnIAACQRPfdjx03TpZBUPrMFAasAN2p+AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":387,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":381,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686435200937981,"flow_src_last_pkt_time":1686435200937981,"flow_dst_last_pkt_time":1686435200937981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686435200937981,"l3_proto":"ip4","src_ip":"99.199.77.211","dst_ip":"165.144.84.62","src_port":45829,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":388,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":380,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686435052414223,"flow_src_last_pkt_time":1686435052414223,"flow_dst_last_pkt_time":1686435052414223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686435200937981,"l3_proto":"ip4","src_ip":"209.44.167.7","dst_ip":"90.111.212.50","src_port":53096,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":388,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":388,"packets-processed":387,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20171,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":381,"total-detection-updates":0,"total-updates":61,"current-active-flows":2,"total-active-flows":381,"total-idle-flows":379,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1841,"global_ts_usec":1686438148010499} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":388,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":388,"packets-processed":387,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20171,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":381,"total-detection-updates":0,"total-updates":61,"current-active-flows":2,"total-active-flows":381,"total-idle-flows":379,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1841,"global_ts_usec":1686438148010499} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":388,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":382,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438148010499,"flow_src_last_pkt_time":1686438148010499,"flow_dst_last_pkt_time":1686438148010499,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438148010499,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"85.111.52.57","src_port":44733,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":388,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":382,"flow_packet_id":1,"flow_src_last_pkt_time":1686438148010499,"flow_dst_last_pkt_time":1686438148010499,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686438148010499,"pkt":"moT+\/Ph8PJTVQTiBCABFCABSAABAAOsRy+HXMP3JVW80Oa69AasAPg9AAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":388,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":382,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438148010499,"flow_src_last_pkt_time":1686438148010499,"flow_dst_last_pkt_time":1686438148010499,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438148010499,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"85.111.52.57","src_port":44733,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1887,7 +1887,7 @@ 00988{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":388,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438260748204,"flow_src_last_pkt_time":1686438260748204,"flow_dst_last_pkt_time":1686438260748204,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438369437015,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"165.144.84.62","src_port":44352,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00989{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":389,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438308618262,"flow_src_last_pkt_time":1686438308618262,"flow_dst_last_pkt_time":1686438308618262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438369437015,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"165.114.202.61","src_port":53506,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":387,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686438242172290,"flow_src_last_pkt_time":1686438242172290,"flow_dst_last_pkt_time":1686438242172290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686438369437015,"l3_proto":"ip4","src_ip":"215.48.253.201","dst_ip":"90.145.180.58","src_port":46653,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":397,"packets-processed":396,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20657,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":390,"total-detection-updates":0,"total-updates":78,"current-active-flows":7,"total-active-flows":390,"total-idle-flows":383,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1890,"global_ts_usec":1686442660761538} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":397,"packets-processed":396,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20657,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":390,"total-detection-updates":0,"total-updates":78,"current-active-flows":7,"total-active-flows":390,"total-idle-flows":383,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1890,"global_ts_usec":1686442660761538} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":391,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686442660761538,"flow_src_last_pkt_time":1686442660761538,"flow_dst_last_pkt_time":1686442660761538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686442660761538,"l3_proto":"ip4","src_ip":"44.242.231.77","dst_ip":"186.112.202.53","src_port":50261,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":391,"flow_packet_id":1,"flow_src_last_pkt_time":1686442660761538,"flow_dst_last_pkt_time":1686442660761538,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686442660761538,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPoRXpQs8udNunDKNcRVAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00951{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":391,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686442660761538,"flow_src_last_pkt_time":1686442660761538,"flow_dst_last_pkt_time":1686442660761538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686442660761538,"l3_proto":"ip4","src_ip":"44.242.231.77","dst_ip":"186.112.202.53","src_port":50261,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1902,17 +1902,17 @@ 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":392,"flow_packet_id":1,"flow_src_last_pkt_time":1686443032934623,"flow_dst_last_pkt_time":1686443032934623,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686443032934623,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPkRbWgl6mQgWpG0Ot3tAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":392,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686443032934623,"flow_src_last_pkt_time":1686443032934623,"flow_dst_last_pkt_time":1686443032934623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686443032934623,"l3_proto":"ip4","src_ip":"37.234.100.32","dst_ip":"90.145.180.58","src_port":56813,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00990{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":391,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686442660761538,"flow_src_last_pkt_time":1686442660761538,"flow_dst_last_pkt_time":1686442660761538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686443032934623,"l3_proto":"ip4","src_ip":"44.242.231.77","dst_ip":"186.112.202.53","src_port":50261,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":399,"packets-processed":398,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20715,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":392,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":392,"total-idle-flows":391,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1905,"global_ts_usec":1686443411193185} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":399,"packets-processed":398,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20715,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":392,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":392,"total-idle-flows":391,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1905,"global_ts_usec":1686443411193185} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":393,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686443411193185,"flow_src_last_pkt_time":1686443411193185,"flow_dst_last_pkt_time":1686443411193185,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686443411193185,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.141.37.56","src_port":44054,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":393,"flow_packet_id":1,"flow_src_last_pkt_time":1686443411193185,"flow_dst_last_pkt_time":1686443411193185,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686443411193185,"pkt":"3jHC4dyOPJTVQTiBCABFCABLjXwAACQRNugbhqncWo0lOKwWAasAN3FoAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":393,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686443411193185,"flow_src_last_pkt_time":1686443411193185,"flow_dst_last_pkt_time":1686443411193185,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686443411193185,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.141.37.56","src_port":44054,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":392,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686443032934623,"flow_src_last_pkt_time":1686443032934623,"flow_dst_last_pkt_time":1686443032934623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686443411193185,"l3_proto":"ip4","src_ip":"37.234.100.32","dst_ip":"90.145.180.58","src_port":56813,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":400,"packets-processed":399,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20762,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":393,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":393,"total-idle-flows":392,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1910,"global_ts_usec":1686448122797857} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":400,"packets-processed":399,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20762,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":393,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":393,"total-idle-flows":392,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1910,"global_ts_usec":1686448122797857} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":394,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686448122797857,"flow_src_last_pkt_time":1686448122797857,"flow_dst_last_pkt_time":1686448122797857,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686448122797857,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"74.111.203.55","src_port":46249,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":394,"flow_packet_id":1,"flow_src_last_pkt_time":1686448122797857,"flow_dst_last_pkt_time":1686448122797857,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686448122797857,"pkt":"ipffLU2SPJTVQTiBCABFCABSQJAAAGsR1glDnxCWSm\/LN7SpAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":394,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686448122797857,"flow_src_last_pkt_time":1686448122797857,"flow_dst_last_pkt_time":1686448122797857,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686448122797857,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"74.111.203.55","src_port":46249,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":393,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686443411193185,"flow_src_last_pkt_time":1686443411193185,"flow_dst_last_pkt_time":1686443411193185,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686448122797857,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"90.141.37.56","src_port":44054,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":401,"packets-processed":400,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20816,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":394,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":394,"total-idle-flows":393,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1915,"global_ts_usec":1686453545484404} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":401,"packets-processed":400,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20816,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":394,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":394,"total-idle-flows":393,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1915,"global_ts_usec":1686453545484404} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":395,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686453545484404,"flow_src_last_pkt_time":1686453545484404,"flow_dst_last_pkt_time":1686453545484404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686453545484404,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"74.111.203.55","src_port":64251,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":395,"flow_packet_id":1,"flow_src_last_pkt_time":1686453545484404,"flow_dst_last_pkt_time":1686453545484404,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686453545484404,"pkt":"ipffLU2SPJTVQTiBCABFCABLA5wAACQRwMwbhqncSm\/LN\/r7AasANyKHAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":395,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686453545484404,"flow_src_last_pkt_time":1686453545484404,"flow_dst_last_pkt_time":1686453545484404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686453545484404,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"74.111.203.55","src_port":64251,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1921,7 +1921,7 @@ 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":402,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":396,"flow_packet_id":1,"flow_src_last_pkt_time":1686454040614924,"flow_dst_last_pkt_time":1686454040614924,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686454040614924,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+VZxAADMRS4lYRyo6pZBUPjxoAasAKox5AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":402,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":396,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686454040614924,"flow_src_last_pkt_time":1686454040614924,"flow_dst_last_pkt_time":1686454040614924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686454040614924,"l3_proto":"ip4","src_ip":"88.71.42.58","dst_ip":"165.144.84.62","src_port":15464,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":395,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686453545484404,"flow_src_last_pkt_time":1686453545484404,"flow_dst_last_pkt_time":1686453545484404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686454040614924,"l3_proto":"ip4","src_ip":"27.134.169.220","dst_ip":"74.111.203.55","src_port":64251,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":403,"packets-processed":402,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20897,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":396,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":396,"total-idle-flows":395,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1924,"global_ts_usec":1686454835524989} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":403,"packets-processed":402,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20897,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":396,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":396,"total-idle-flows":395,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1924,"global_ts_usec":1686454835524989} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":397,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686454835524989,"flow_src_last_pkt_time":1686454835524989,"flow_dst_last_pkt_time":1686454835524989,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686454835524989,"l3_proto":"ip4","src_ip":"191.62.219.57","dst_ip":"186.112.202.53","src_port":29227,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00560{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":397,"flow_packet_id":1,"flow_src_last_pkt_time":1686454835524989,"flow_dst_last_pkt_time":1686454835524989,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686454835524989,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+jJRAADMRFJq\/Pts5unDKNXIrAasAKla\/AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":397,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686454835524989,"flow_src_last_pkt_time":1686454835524989,"flow_dst_last_pkt_time":1686454835524989,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686454835524989,"l3_proto":"ip4","src_ip":"191.62.219.57","dst_ip":"186.112.202.53","src_port":29227,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1930,7 +1930,7 @@ 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":404,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":398,"flow_packet_id":1,"flow_src_last_pkt_time":1686455045546385,"flow_dst_last_pkt_time":1686455045546385,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686455045546385,"pkt":"bpHurUgdPJTVQTiBCABFAAA+lIxAADMRDKe+Ryo2RW27NrkEAasAKg\/rAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":404,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":398,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686455045546385,"flow_src_last_pkt_time":1686455045546385,"flow_dst_last_pkt_time":1686455045546385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686455045546385,"l3_proto":"ip4","src_ip":"190.71.42.54","dst_ip":"69.109.187.54","src_port":47364,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":405,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":397,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686454835524989,"flow_src_last_pkt_time":1686454835524989,"flow_dst_last_pkt_time":1686454835524989,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686455045546385,"l3_proto":"ip4","src_ip":"191.62.219.57","dst_ip":"186.112.202.53","src_port":29227,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":405,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":405,"packets-processed":404,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20965,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":398,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":398,"total-idle-flows":397,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1933,"global_ts_usec":1686455864946730} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":405,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":405,"packets-processed":404,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":20965,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":398,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":398,"total-idle-flows":397,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1933,"global_ts_usec":1686455864946730} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":405,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":399,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686455864946730,"flow_src_last_pkt_time":1686455864946730,"flow_dst_last_pkt_time":1686455864946730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686455864946730,"l3_proto":"ip4","src_ip":"166.62.197.60","dst_ip":"165.114.202.61","src_port":35606,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":405,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":399,"flow_packet_id":1,"flow_src_last_pkt_time":1686455864946730,"flow_dst_last_pkt_time":1686455864946730,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686455864946730,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+EMNAADMRkF2mPsU8pXLKPYsWAasAKj3GAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":405,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":399,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686455864946730,"flow_src_last_pkt_time":1686455864946730,"flow_dst_last_pkt_time":1686455864946730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686455864946730,"l3_proto":"ip4","src_ip":"166.62.197.60","dst_ip":"165.114.202.61","src_port":35606,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1939,7 +1939,7 @@ 00561{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":406,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":400,"flow_packet_id":1,"flow_src_last_pkt_time":1686456361937981,"flow_dst_last_pkt_time":1686456361937981,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686456361937981,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+GgRAADMRhy2\/Pts5Wm\/UMkj9AasAKn\/wAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":406,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":400,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686456361937981,"flow_src_last_pkt_time":1686456361937981,"flow_dst_last_pkt_time":1686456361937981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686456361937981,"l3_proto":"ip4","src_ip":"191.62.219.57","dst_ip":"90.111.212.50","src_port":18685,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":399,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686455864946730,"flow_src_last_pkt_time":1686455864946730,"flow_dst_last_pkt_time":1686455864946730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686456361937981,"l3_proto":"ip4","src_ip":"166.62.197.60","dst_ip":"165.114.202.61","src_port":35606,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":407,"packets-processed":406,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21033,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":400,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":400,"total-idle-flows":399,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1942,"global_ts_usec":1686456730972924} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":407,"packets-processed":406,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21033,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":400,"total-detection-updates":0,"total-updates":78,"current-active-flows":1,"total-active-flows":400,"total-idle-flows":399,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1942,"global_ts_usec":1686456730972924} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":401,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686456730972924,"flow_src_last_pkt_time":1686456730972924,"flow_dst_last_pkt_time":1686456730972924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686456730972924,"l3_proto":"ip4","src_ip":"88.70.212.56","dst_ip":"85.111.52.57","src_port":65013,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":401,"flow_packet_id":1,"flow_src_last_pkt_time":1686456730972924,"flow_dst_last_pkt_time":1686456730972924,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686456730972924,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+jhRAADMRExhYRtQ4VW80Of31AasAKsryAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":401,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686456730972924,"flow_src_last_pkt_time":1686456730972924,"flow_dst_last_pkt_time":1686456730972924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686456730972924,"l3_proto":"ip4","src_ip":"88.70.212.56","dst_ip":"85.111.52.57","src_port":65013,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1953,27 +1953,27 @@ 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":409,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":403,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686457196084311,"flow_src_last_pkt_time":1686457196084311,"flow_dst_last_pkt_time":1686457196084311,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686457196084311,"l3_proto":"ip4","src_ip":"161.199.58.19","dst_ip":"90.147.171.51","src_port":64864,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":410,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":401,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686456730972924,"flow_src_last_pkt_time":1686456730972924,"flow_dst_last_pkt_time":1686456730972924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686457196084311,"l3_proto":"ip4","src_ip":"88.70.212.56","dst_ip":"85.111.52.57","src_port":65013,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":410,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":402,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686456819293547,"flow_src_last_pkt_time":1686456819293547,"flow_dst_last_pkt_time":1686456819293547,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686457196084311,"l3_proto":"ip4","src_ip":"184.199.42.59","dst_ip":"90.141.37.56","src_port":42047,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":410,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":410,"packets-processed":409,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21135,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":403,"total-detection-updates":0,"total-updates":79,"current-active-flows":1,"total-active-flows":403,"total-idle-flows":402,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1956,"global_ts_usec":1686457611262806} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":410,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":410,"packets-processed":409,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21135,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":403,"total-detection-updates":0,"total-updates":79,"current-active-flows":1,"total-active-flows":403,"total-idle-flows":402,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1956,"global_ts_usec":1686457611262806} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":410,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":404,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686457611262806,"flow_src_last_pkt_time":1686457611262806,"flow_dst_last_pkt_time":1686457611262806,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686457611262806,"l3_proto":"ip4","src_ip":"161.62.218.52","dst_ip":"74.111.203.55","src_port":37093,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":410,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":404,"flow_packet_id":1,"flow_src_last_pkt_time":1686457611262806,"flow_dst_last_pkt_time":1686457611262806,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686457611262806,"pkt":"ipffLU2SPJTVQTiBCABFAAA+elpAADMRJtihPto0Sm\/LN5DlAasAKjgJAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":410,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":404,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686457611262806,"flow_src_last_pkt_time":1686457611262806,"flow_dst_last_pkt_time":1686457611262806,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686457611262806,"l3_proto":"ip4","src_ip":"161.62.218.52","dst_ip":"74.111.203.55","src_port":37093,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":403,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686457196084311,"flow_src_last_pkt_time":1686457196084311,"flow_dst_last_pkt_time":1686457196084311,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686457611262806,"l3_proto":"ip4","src_ip":"161.199.58.19","dst_ip":"90.147.171.51","src_port":64864,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":411,"packets-processed":410,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21169,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":404,"total-detection-updates":0,"total-updates":79,"current-active-flows":1,"total-active-flows":404,"total-idle-flows":403,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1961,"global_ts_usec":1686459303680190} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":411,"packets-processed":410,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21169,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":404,"total-detection-updates":0,"total-updates":79,"current-active-flows":1,"total-active-flows":404,"total-idle-flows":403,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1961,"global_ts_usec":1686459303680190} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":405,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686459303680190,"flow_src_last_pkt_time":1686459303680190,"flow_dst_last_pkt_time":1686459303680190,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686459303680190,"l3_proto":"ip4","src_ip":"194.43.223.106","dst_ip":"165.114.202.61","src_port":55142,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":405,"flow_packet_id":1,"flow_src_last_pkt_time":1686459303680190,"flow_dst_last_pkt_time":1686459303680190,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686459303680190,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbZLCK99qpXLKPddmAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":405,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686459303680190,"flow_src_last_pkt_time":1686459303680190,"flow_dst_last_pkt_time":1686459303680190,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686459303680190,"l3_proto":"ip4","src_ip":"194.43.223.106","dst_ip":"165.114.202.61","src_port":55142,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":404,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686457611262806,"flow_src_last_pkt_time":1686457611262806,"flow_dst_last_pkt_time":1686457611262806,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686459303680190,"l3_proto":"ip4","src_ip":"161.62.218.52","dst_ip":"74.111.203.55","src_port":37093,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":412,"packets-processed":411,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21198,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":405,"total-detection-updates":0,"total-updates":79,"current-active-flows":1,"total-active-flows":405,"total-idle-flows":404,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1966,"global_ts_usec":1686460297406877} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":412,"packets-processed":411,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21198,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":405,"total-detection-updates":0,"total-updates":79,"current-active-flows":1,"total-active-flows":405,"total-idle-flows":404,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1966,"global_ts_usec":1686460297406877} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":406,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686460297406877,"flow_src_last_pkt_time":1686460297406877,"flow_dst_last_pkt_time":1686460297406877,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686460297406877,"l3_proto":"ip4","src_ip":"226.158.252.127","dst_ip":"85.111.52.57","src_port":33255,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":406,"flow_packet_id":1,"flow_src_last_pkt_time":1686460297406877,"flow_dst_last_pkt_time":1686460297406877,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686460297406877,"pkt":"moT+\/Ph8PJTVQTiBCABFAABL8BcAACYR5Ajinvx\/VW80OYHnAasAN61LAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":406,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686460297406877,"flow_src_last_pkt_time":1686460297406877,"flow_dst_last_pkt_time":1686460297406877,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686460297406877,"l3_proto":"ip4","src_ip":"226.158.252.127","dst_ip":"85.111.52.57","src_port":33255,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":413,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":405,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686459303680190,"flow_src_last_pkt_time":1686459303680190,"flow_dst_last_pkt_time":1686459303680190,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686460297406877,"l3_proto":"ip4","src_ip":"194.43.223.106","dst_ip":"165.114.202.61","src_port":55142,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":413,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":413,"packets-processed":412,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21245,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":406,"total-detection-updates":0,"total-updates":79,"current-active-flows":1,"total-active-flows":406,"total-idle-flows":405,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1971,"global_ts_usec":1686461245285022} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":413,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":413,"packets-processed":412,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21245,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":406,"total-detection-updates":0,"total-updates":79,"current-active-flows":1,"total-active-flows":406,"total-idle-flows":405,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1971,"global_ts_usec":1686461245285022} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":413,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":407,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686461245285022,"flow_src_last_pkt_time":1686461245285022,"flow_dst_last_pkt_time":1686461245285022,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686461245285022,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":36149,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":413,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":407,"flow_packet_id":1,"flow_src_last_pkt_time":1686461245285022,"flow_dst_last_pkt_time":1686461245285022,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686461245285022,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPURKLnIH5CeunDKNY01AasAJV1CAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":413,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":407,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686461245285022,"flow_src_last_pkt_time":1686461245285022,"flow_dst_last_pkt_time":1686461245285022,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686461245285022,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":36149,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":406,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686460297406877,"flow_src_last_pkt_time":1686460297406877,"flow_dst_last_pkt_time":1686460297406877,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686461245285022,"l3_proto":"ip4","src_ip":"226.158.252.127","dst_ip":"85.111.52.57","src_port":33255,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":414,"packets-processed":413,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21274,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":407,"total-detection-updates":0,"total-updates":79,"current-active-flows":1,"total-active-flows":407,"total-idle-flows":406,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1976,"global_ts_usec":1686462756222356} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":414,"packets-processed":413,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21274,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":407,"total-detection-updates":0,"total-updates":79,"current-active-flows":1,"total-active-flows":407,"total-idle-flows":406,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1976,"global_ts_usec":1686462756222356} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":408,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686462756222356,"flow_src_last_pkt_time":1686462756222356,"flow_dst_last_pkt_time":1686462756222356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686462756222356,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":45294,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":408,"flow_packet_id":1,"flow_src_last_pkt_time":1686462756222356,"flow_dst_last_pkt_time":1686462756222356,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686462756222356,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLHIH5CepXLKPbDuAasAJTmBAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":408,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686462756222356,"flow_src_last_pkt_time":1686462756222356,"flow_dst_last_pkt_time":1686462756222356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686462756222356,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":45294,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -1986,7 +1986,7 @@ 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":416,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":410,"flow_packet_id":1,"flow_src_last_pkt_time":1686463232786177,"flow_dst_last_pkt_time":1686463232786177,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686463232786177,"pkt":"AAwp30Y4PJTVQTiBCABFAABLPb8AACYRlmBdZnxwWpOrMyrYAasANwRaAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":416,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":410,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463232786177,"flow_src_last_pkt_time":1686463232786177,"flow_dst_last_pkt_time":1686463232786177,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463232786177,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"90.147.171.51","src_port":10968,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":409,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463066276572,"flow_src_last_pkt_time":1686463066276572,"flow_dst_last_pkt_time":1686463066276572,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463232786177,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":45056,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":417,"packets-processed":416,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21379,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":410,"total-detection-updates":0,"total-updates":80,"current-active-flows":2,"total-active-flows":410,"total-idle-flows":408,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1989,"global_ts_usec":1686463744473624} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":417,"packets-processed":416,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21379,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":410,"total-detection-updates":0,"total-updates":80,"current-active-flows":2,"total-active-flows":410,"total-idle-flows":408,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":1989,"global_ts_usec":1686463744473624} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":411,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463744473624,"flow_src_last_pkt_time":1686463744473624,"flow_dst_last_pkt_time":1686463744473624,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463744473624,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":54431,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":411,"flow_packet_id":1,"flow_src_last_pkt_time":1686463744473624,"flow_dst_last_pkt_time":1686463744473624,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686463744473624,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPURKLfIH5CeWo0lONSfAasAJRXWAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":411,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463744473624,"flow_src_last_pkt_time":1686463744473624,"flow_dst_last_pkt_time":1686463744473624,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686463744473624,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":54431,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2000,7 +2000,7 @@ 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":419,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":413,"flow_packet_id":1,"flow_src_last_pkt_time":1686464114985492,"flow_dst_last_pkt_time":1686464114985492,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686464114985492,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPURKLrIH5CeRW27NsnbAasAJSCdAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":419,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":413,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686464114985492,"flow_src_last_pkt_time":1686464114985492,"flow_dst_last_pkt_time":1686464114985492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686464114985492,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":51675,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":412,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686463955005585,"flow_src_last_pkt_time":1686463955005585,"flow_dst_last_pkt_time":1686463955005585,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686464114985492,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":59262,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":420,"packets-processed":419,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21466,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":413,"total-detection-updates":0,"total-updates":81,"current-active-flows":2,"total-active-flows":413,"total-idle-flows":411,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2003,"global_ts_usec":1686465127922786} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":420,"packets-processed":419,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21466,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":413,"total-detection-updates":0,"total-updates":81,"current-active-flows":2,"total-active-flows":413,"total-idle-flows":411,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2003,"global_ts_usec":1686465127922786} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":414,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686465127922786,"flow_src_last_pkt_time":1686465127922786,"flow_dst_last_pkt_time":1686465127922786,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686465127922786,"l3_proto":"ip4","src_ip":"174.237.64.176","dst_ip":"90.141.37.56","src_port":49218,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":414,"flow_packet_id":1,"flow_src_last_pkt_time":1686465127922786,"flow_dst_last_pkt_time":1686465127922786,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686465127922786,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPkRYA6u7UCwWo0lOMBCAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":414,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686465127922786,"flow_src_last_pkt_time":1686465127922786,"flow_dst_last_pkt_time":1686465127922786,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686465127922786,"l3_proto":"ip4","src_ip":"174.237.64.176","dst_ip":"90.141.37.56","src_port":49218,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2013,23 +2013,23 @@ 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":422,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":416,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686465448467764,"flow_src_last_pkt_time":1686465448467764,"flow_dst_last_pkt_time":1686465448467764,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686465448467764,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":57245,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":422,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":416,"flow_packet_id":1,"flow_src_last_pkt_time":1686465448467764,"flow_dst_last_pkt_time":1686465448467764,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686465448467764,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPURKLbIH5CeVW80Od+dAasAJQrXAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":422,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":416,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686465448467764,"flow_src_last_pkt_time":1686465448467764,"flow_dst_last_pkt_time":1686465448467764,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686465448467764,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":57245,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":423,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":423,"packets-processed":422,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21553,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":416,"total-detection-updates":0,"total-updates":81,"current-active-flows":2,"total-active-flows":416,"total-idle-flows":414,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2016,"global_ts_usec":1686466394503634} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":423,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":423,"packets-processed":422,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21553,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":416,"total-detection-updates":0,"total-updates":81,"current-active-flows":2,"total-active-flows":416,"total-idle-flows":414,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2016,"global_ts_usec":1686466394503634} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":423,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":417,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686466394503634,"flow_src_last_pkt_time":1686466394503634,"flow_dst_last_pkt_time":1686466394503634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686466394503634,"l3_proto":"ip4","src_ip":"193.219.252.221","dst_ip":"90.147.171.51","src_port":51650,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":423,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":417,"flow_packet_id":1,"flow_src_last_pkt_time":1686466394503634,"flow_dst_last_pkt_time":1686466394503634,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686466394503634,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbcTB2\/zdWpOrM8nCAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":423,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":417,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686466394503634,"flow_src_last_pkt_time":1686466394503634,"flow_dst_last_pkt_time":1686466394503634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686466394503634,"l3_proto":"ip4","src_ip":"193.219.252.221","dst_ip":"90.147.171.51","src_port":51650,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":415,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686465406790123,"flow_src_last_pkt_time":1686465406790123,"flow_dst_last_pkt_time":1686465406790123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686466394503634,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":57345,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":416,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686465448467764,"flow_src_last_pkt_time":1686465448467764,"flow_dst_last_pkt_time":1686465448467764,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686466394503634,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":57245,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":424,"packets-processed":423,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21582,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":417,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":417,"total-idle-flows":416,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2022,"global_ts_usec":1686467393700733} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":424,"packets-processed":423,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21582,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":417,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":417,"total-idle-flows":416,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2022,"global_ts_usec":1686467393700733} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":418,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686467393700733,"flow_src_last_pkt_time":1686467393700733,"flow_dst_last_pkt_time":1686467393700733,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686467393700733,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":41180,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":418,"flow_packet_id":1,"flow_src_last_pkt_time":1686467393700733,"flow_dst_last_pkt_time":1686467393700733,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686467393700733,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPURKLvIH5CeSm\/LN6DcAasAJUmdAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":418,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686467393700733,"flow_src_last_pkt_time":1686467393700733,"flow_dst_last_pkt_time":1686467393700733,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686467393700733,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":41180,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":425,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":417,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686466394503634,"flow_src_last_pkt_time":1686466394503634,"flow_dst_last_pkt_time":1686466394503634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686467393700733,"l3_proto":"ip4","src_ip":"193.219.252.221","dst_ip":"90.147.171.51","src_port":51650,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":425,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":425,"packets-processed":424,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21611,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":418,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":418,"total-idle-flows":417,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2027,"global_ts_usec":1686469130125468} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":425,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":425,"packets-processed":424,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21611,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":418,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":418,"total-idle-flows":417,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2027,"global_ts_usec":1686469130125468} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":425,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":419,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686469130125468,"flow_src_last_pkt_time":1686469130125468,"flow_dst_last_pkt_time":1686469130125468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686469130125468,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":40785,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":425,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":419,"flow_packet_id":1,"flow_src_last_pkt_time":1686469130125468,"flow_dst_last_pkt_time":1686469130125468,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686469130125468,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLzIH5CeWm\/UMp9RAasAJUspAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":425,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":419,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686469130125468,"flow_src_last_pkt_time":1686469130125468,"flow_dst_last_pkt_time":1686469130125468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686469130125468,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":40785,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":426,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":418,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686467393700733,"flow_src_last_pkt_time":1686467393700733,"flow_dst_last_pkt_time":1686467393700733,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686469130125468,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":41180,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":426,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":426,"packets-processed":425,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21640,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":419,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":419,"total-idle-flows":418,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2032,"global_ts_usec":1686473127013443} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":426,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":426,"packets-processed":425,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21640,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":419,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":419,"total-idle-flows":418,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2032,"global_ts_usec":1686473127013443} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":426,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":420,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686473127013443,"flow_src_last_pkt_time":1686473127013443,"flow_dst_last_pkt_time":1686473127013443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686473127013443,"l3_proto":"ip4","src_ip":"174.18.32.224","dst_ip":"74.111.203.55","src_port":53272,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":426,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":420,"flow_packet_id":1,"flow_src_last_pkt_time":1686473127013443,"flow_dst_last_pkt_time":1686473127013443,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686473127013443,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPkRX\/muEiDgSm\/LN9AYAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":426,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":420,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686473127013443,"flow_src_last_pkt_time":1686473127013443,"flow_dst_last_pkt_time":1686473127013443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686473127013443,"l3_proto":"ip4","src_ip":"174.18.32.224","dst_ip":"74.111.203.55","src_port":53272,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2038,22 +2038,22 @@ 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":427,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":421,"flow_packet_id":1,"flow_src_last_pkt_time":1686473724125289,"flow_dst_last_pkt_time":1686473724125289,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686473724125289,"pkt":"bpHurUgdPJTVQTiBCABFCAB+1DEAAOsRrCDthLCIRW27NubXAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":427,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":421,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686473724125289,"flow_src_last_pkt_time":1686473724125289,"flow_dst_last_pkt_time":1686473724125289,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686473724125289,"l3_proto":"ip4","src_ip":"237.132.176.136","dst_ip":"69.109.187.54","src_port":59095,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":420,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686473127013443,"flow_src_last_pkt_time":1686473127013443,"flow_dst_last_pkt_time":1686473127013443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686473724125289,"l3_proto":"ip4","src_ip":"174.18.32.224","dst_ip":"74.111.203.55","src_port":53272,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":428,"packets-processed":427,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21767,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":421,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":421,"total-idle-flows":420,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2041,"global_ts_usec":1686474011529942} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":428,"packets-processed":427,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21767,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":421,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":421,"total-idle-flows":420,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2041,"global_ts_usec":1686474011529942} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":422,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686474011529942,"flow_src_last_pkt_time":1686474011529942,"flow_dst_last_pkt_time":1686474011529942,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686474011529942,"l3_proto":"ip4","src_ip":"37.36.31.210","dst_ip":"165.144.84.62","src_port":53791,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":422,"flow_packet_id":1,"flow_src_last_pkt_time":1686474011529942,"flow_dst_last_pkt_time":1686474011529942,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686474011529942,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbMMlJB\/SpZBUPtIfAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":422,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686474011529942,"flow_src_last_pkt_time":1686474011529942,"flow_dst_last_pkt_time":1686474011529942,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686474011529942,"l3_proto":"ip4","src_ip":"37.36.31.210","dst_ip":"165.144.84.62","src_port":53791,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":421,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686473724125289,"flow_src_last_pkt_time":1686473724125289,"flow_dst_last_pkt_time":1686473724125289,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686474011529942,"l3_proto":"ip4","src_ip":"237.132.176.136","dst_ip":"69.109.187.54","src_port":59095,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":429,"packets-processed":428,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21796,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":422,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":422,"total-idle-flows":421,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2046,"global_ts_usec":1686475183417032} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":429,"packets-processed":428,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21796,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":422,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":422,"total-idle-flows":421,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2046,"global_ts_usec":1686475183417032} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":423,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686475183417032,"flow_src_last_pkt_time":1686475183417032,"flow_dst_last_pkt_time":1686475183417032,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686475183417032,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"85.111.52.57","src_port":34976,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":423,"flow_packet_id":1,"flow_src_last_pkt_time":1686475183417032,"flow_dst_last_pkt_time":1686475183417032,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686475183417032,"pkt":"moT+\/Ph8PJTVQTiBCABFCABLWusAACIRb79b\/2t0VW80OYigAasAN5kkAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":423,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686475183417032,"flow_src_last_pkt_time":1686475183417032,"flow_dst_last_pkt_time":1686475183417032,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686475183417032,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"85.111.52.57","src_port":34976,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":430,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":422,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686474011529942,"flow_src_last_pkt_time":1686474011529942,"flow_dst_last_pkt_time":1686474011529942,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686475183417032,"l3_proto":"ip4","src_ip":"37.36.31.210","dst_ip":"165.144.84.62","src_port":53791,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":430,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":430,"packets-processed":429,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21843,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":423,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":423,"total-idle-flows":422,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2051,"global_ts_usec":1686475826792753} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":430,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":430,"packets-processed":429,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21843,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":423,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":423,"total-idle-flows":422,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2051,"global_ts_usec":1686475826792753} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":430,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":424,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686475826792753,"flow_src_last_pkt_time":1686475826792753,"flow_dst_last_pkt_time":1686475826792753,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686475826792753,"l3_proto":"ip4","src_ip":"47.51.0.222","dst_ip":"69.109.187.54","src_port":53190,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":430,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":424,"flow_packet_id":1,"flow_src_last_pkt_time":1686475826792753,"flow_dst_last_pkt_time":1686475826792753,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686475826792753,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPoRXtkvMwDeRW27Ns\/GAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":430,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":424,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686475826792753,"flow_src_last_pkt_time":1686475826792753,"flow_dst_last_pkt_time":1686475826792753,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686475826792753,"l3_proto":"ip4","src_ip":"47.51.0.222","dst_ip":"69.109.187.54","src_port":53190,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":431,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":423,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686475183417032,"flow_src_last_pkt_time":1686475183417032,"flow_dst_last_pkt_time":1686475183417032,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686475826792753,"l3_proto":"ip4","src_ip":"91.255.107.116","dst_ip":"85.111.52.57","src_port":34976,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":431,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":431,"packets-processed":430,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21872,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":424,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":424,"total-idle-flows":423,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2056,"global_ts_usec":1686495926985957} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":431,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":431,"packets-processed":430,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":21872,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":424,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":424,"total-idle-flows":423,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2056,"global_ts_usec":1686495926985957} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":431,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":425,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686495926985957,"flow_src_last_pkt_time":1686495926985957,"flow_dst_last_pkt_time":1686495926985957,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686495926985957,"l3_proto":"ip4","src_ip":"238.156.97.151","dst_ip":"74.111.203.55","src_port":35769,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":431,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":425,"flow_packet_id":1,"flow_src_last_pkt_time":1686495926985957,"flow_dst_last_pkt_time":1686495926985957,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686495926985957,"pkt":"ipffLU2SPJTVQTiBCABFCAB+1DEAAO0RqinunGGXSm\/LN4u5AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":431,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":425,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686495926985957,"flow_src_last_pkt_time":1686495926985957,"flow_dst_last_pkt_time":1686495926985957,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686495926985957,"l3_proto":"ip4","src_ip":"238.156.97.151","dst_ip":"74.111.203.55","src_port":35769,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2062,17 +2062,17 @@ 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":432,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":426,"flow_packet_id":1,"flow_src_last_pkt_time":1686496447196573,"flow_dst_last_pkt_time":1686496447196573,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686496447196573,"pkt":"moT+\/Ph8PJTVQTiBCABFCAB+1DEAAO0REAmGtJCVVW80OYPRAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":432,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":426,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686496447196573,"flow_src_last_pkt_time":1686496447196573,"flow_dst_last_pkt_time":1686496447196573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686496447196573,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"85.111.52.57","src_port":33745,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":433,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":425,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686495926985957,"flow_src_last_pkt_time":1686495926985957,"flow_dst_last_pkt_time":1686495926985957,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686496447196573,"l3_proto":"ip4","src_ip":"238.156.97.151","dst_ip":"74.111.203.55","src_port":35769,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":433,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":433,"packets-processed":432,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22068,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":426,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":426,"total-idle-flows":425,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2065,"global_ts_usec":1686497167515992} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":433,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":433,"packets-processed":432,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22068,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":426,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":426,"total-idle-flows":425,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2065,"global_ts_usec":1686497167515992} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":433,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":427,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686497167515992,"flow_src_last_pkt_time":1686497167515992,"flow_dst_last_pkt_time":1686497167515992,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686497167515992,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.147.171.51","src_port":37012,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":433,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":427,"flow_packet_id":1,"flow_src_last_pkt_time":1686497167515992,"flow_dst_last_pkt_time":1686497167515992,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686497167515992,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRCZf2S2hzWpOrM5CUAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":433,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":427,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686497167515992,"flow_src_last_pkt_time":1686497167515992,"flow_dst_last_pkt_time":1686497167515992,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686497167515992,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.147.171.51","src_port":37012,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":426,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686496447196573,"flow_src_last_pkt_time":1686496447196573,"flow_dst_last_pkt_time":1686496447196573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686497167515992,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"85.111.52.57","src_port":33745,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":434,"packets-processed":433,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22166,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":427,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":427,"total-idle-flows":426,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2070,"global_ts_usec":1686499664191010} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":434,"packets-processed":433,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22166,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":427,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":427,"total-idle-flows":426,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2070,"global_ts_usec":1686499664191010} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":428,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686499664191010,"flow_src_last_pkt_time":1686499664191010,"flow_dst_last_pkt_time":1686499664191010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686499664191010,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.114.202.61","src_port":54319,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":428,"flow_packet_id":1,"flow_src_last_pkt_time":1686499664191010,"flow_dst_last_pkt_time":1686499664191010,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686499664191010,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAO8RDcZGtG\/xpXLKPdQvAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":428,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686499664191010,"flow_src_last_pkt_time":1686499664191010,"flow_dst_last_pkt_time":1686499664191010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686499664191010,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.114.202.61","src_port":54319,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":427,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686497167515992,"flow_src_last_pkt_time":1686497167515992,"flow_dst_last_pkt_time":1686497167515992,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686499664191010,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.147.171.51","src_port":37012,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":435,"packets-processed":434,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22264,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":428,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":428,"total-idle-flows":427,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2075,"global_ts_usec":1686501344601870} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":435,"packets-processed":434,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22264,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":428,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":428,"total-idle-flows":427,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2075,"global_ts_usec":1686501344601870} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":429,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686501344601870,"flow_src_last_pkt_time":1686501344601870,"flow_dst_last_pkt_time":1686501344601870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686501344601870,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"90.111.212.50","src_port":59479,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":429,"flow_packet_id":1,"flow_src_last_pkt_time":1686501344601870,"flow_dst_last_pkt_time":1686501344601870,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686501344601870,"pkt":"AAwp30Y4PJTVQTiBCABFCAB+1DEAAO0RqjATY5KcWm\/UMuhXAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":429,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686501344601870,"flow_src_last_pkt_time":1686501344601870,"flow_dst_last_pkt_time":1686501344601870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686501344601870,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"90.111.212.50","src_port":59479,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2085,72 +2085,72 @@ 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":437,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":431,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686501844780096,"flow_src_last_pkt_time":1686501844780096,"flow_dst_last_pkt_time":1686501844780096,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686501844780096,"l3_proto":"ip4","src_ip":"227.7.178.223","dst_ip":"74.111.203.55","src_port":16085,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":430,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686501359797956,"flow_src_last_pkt_time":1686501359797956,"flow_dst_last_pkt_time":1686501359797956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686501844780096,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.145.180.58","src_port":46227,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":429,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686501344601870,"flow_src_last_pkt_time":1686501344601870,"flow_dst_last_pkt_time":1686501344601870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686501844780096,"l3_proto":"ip4","src_ip":"19.99.146.156","dst_ip":"90.111.212.50","src_port":59479,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":438,"packets-processed":437,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22507,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":431,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":431,"total-idle-flows":430,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2088,"global_ts_usec":1686503041221893} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":438,"packets-processed":437,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22507,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":431,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":431,"total-idle-flows":430,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2088,"global_ts_usec":1686503041221893} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":432,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686503041221893,"flow_src_last_pkt_time":1686503041221893,"flow_dst_last_pkt_time":1686503041221893,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686503041221893,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.141.37.56","src_port":37571,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":432,"flow_packet_id":1,"flow_src_last_pkt_time":1686503041221893,"flow_dst_last_pkt_time":1686503041221893,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686503041221893,"pkt":"3jHC4dyOPJTVQTiBCABFAAB+1DEAAPMRCZH2S2hzWo0lOJLDAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":432,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686503041221893,"flow_src_last_pkt_time":1686503041221893,"flow_dst_last_pkt_time":1686503041221893,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686503041221893,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.141.37.56","src_port":37571,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":439,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":431,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686501844780096,"flow_src_last_pkt_time":1686501844780096,"flow_dst_last_pkt_time":1686501844780096,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686503041221893,"l3_proto":"ip4","src_ip":"227.7.178.223","dst_ip":"74.111.203.55","src_port":16085,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":439,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":439,"packets-processed":438,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22605,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":432,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":432,"total-idle-flows":431,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2093,"global_ts_usec":1686503642111524} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":439,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":439,"packets-processed":438,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22605,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":432,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":432,"total-idle-flows":431,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2093,"global_ts_usec":1686503642111524} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":439,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":433,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686503642111524,"flow_src_last_pkt_time":1686503642111524,"flow_dst_last_pkt_time":1686503642111524,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686503642111524,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"69.109.187.54","src_port":52184,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":439,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":433,"flow_packet_id":1,"flow_src_last_pkt_time":1686503642111524,"flow_dst_last_pkt_time":1686503642111524,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686503642111524,"pkt":"bpHurUgdPJTVQTiBCABFAAB+1DEAAO8RDc9GtG\/xRW27NsvYAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":439,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":433,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686503642111524,"flow_src_last_pkt_time":1686503642111524,"flow_dst_last_pkt_time":1686503642111524,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686503642111524,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"69.109.187.54","src_port":52184,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":440,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":432,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686503041221893,"flow_src_last_pkt_time":1686503041221893,"flow_dst_last_pkt_time":1686503041221893,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686503642111524,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.141.37.56","src_port":37571,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":440,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":440,"packets-processed":439,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22703,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":433,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":433,"total-idle-flows":432,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2098,"global_ts_usec":1686504303052084} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":440,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":440,"packets-processed":439,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22703,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":433,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":433,"total-idle-flows":432,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2098,"global_ts_usec":1686504303052084} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":440,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":434,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686504303052084,"flow_src_last_pkt_time":1686504303052084,"flow_dst_last_pkt_time":1686504303052084,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686504303052084,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"165.144.84.62","src_port":40378,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":440,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":434,"flow_packet_id":1,"flow_src_last_pkt_time":1686504303052084,"flow_dst_last_pkt_time":1686504303052084,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686504303052084,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRCYz2S2hzpZBUPp26AasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":440,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":434,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686504303052084,"flow_src_last_pkt_time":1686504303052084,"flow_dst_last_pkt_time":1686504303052084,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686504303052084,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"165.144.84.62","src_port":40378,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":441,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":433,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686503642111524,"flow_src_last_pkt_time":1686503642111524,"flow_dst_last_pkt_time":1686503642111524,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686504303052084,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"69.109.187.54","src_port":52184,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":441,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":441,"packets-processed":440,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22801,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":434,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":434,"total-idle-flows":433,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2103,"global_ts_usec":1686509878709062} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":441,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":441,"packets-processed":440,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22801,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":434,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":434,"total-idle-flows":433,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2103,"global_ts_usec":1686509878709062} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":441,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":435,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686509878709062,"flow_src_last_pkt_time":1686509878709062,"flow_dst_last_pkt_time":1686509878709062,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686509878709062,"l3_proto":"ip4","src_ip":"138.18.252.120","dst_ip":"165.114.202.61","src_port":11561,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":441,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":435,"flow_packet_id":1,"flow_src_last_pkt_time":1686509878709062,"flow_dst_last_pkt_time":1686509878709062,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686509878709062,"pkt":"AAwp30Y4PJTVQTiBCABFBABSCXBAACIRPHOKEvx4pXLKPS0pAasAPkHRAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":441,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":435,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686509878709062,"flow_src_last_pkt_time":1686509878709062,"flow_dst_last_pkt_time":1686509878709062,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686509878709062,"l3_proto":"ip4","src_ip":"138.18.252.120","dst_ip":"165.114.202.61","src_port":11561,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":442,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":434,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686504303052084,"flow_src_last_pkt_time":1686504303052084,"flow_dst_last_pkt_time":1686504303052084,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686509878709062,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"165.144.84.62","src_port":40378,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":442,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":442,"packets-processed":441,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22855,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":435,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":435,"total-idle-flows":434,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2108,"global_ts_usec":1686512676583485} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":442,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":442,"packets-processed":441,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22855,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":435,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":435,"total-idle-flows":434,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2108,"global_ts_usec":1686512676583485} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":442,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":436,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686512676583485,"flow_src_last_pkt_time":1686512676583485,"flow_dst_last_pkt_time":1686512676583485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686512676583485,"l3_proto":"ip4","src_ip":"219.160.101.209","dst_ip":"90.141.37.56","src_port":55022,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":442,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":436,"flow_packet_id":1,"flow_src_last_pkt_time":1686512676583485,"flow_dst_last_pkt_time":1686512676583485,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686512676583485,"pkt":"3jHC4dyOPJTVQTiBCABFCABLlmEAACQRLg7boGXRWo0lONbuAasAN0abAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":442,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":436,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686512676583485,"flow_src_last_pkt_time":1686512676583485,"flow_dst_last_pkt_time":1686512676583485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686512676583485,"l3_proto":"ip4","src_ip":"219.160.101.209","dst_ip":"90.141.37.56","src_port":55022,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":443,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":435,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686509878709062,"flow_src_last_pkt_time":1686509878709062,"flow_dst_last_pkt_time":1686509878709062,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686512676583485,"l3_proto":"ip4","src_ip":"138.18.252.120","dst_ip":"165.114.202.61","src_port":11561,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":443,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":443,"packets-processed":442,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22902,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":436,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":436,"total-idle-flows":435,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2113,"global_ts_usec":1686513474297518} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":443,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":443,"packets-processed":442,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22902,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":436,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":436,"total-idle-flows":435,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2113,"global_ts_usec":1686513474297518} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":443,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":437,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686513474297518,"flow_src_last_pkt_time":1686513474297518,"flow_dst_last_pkt_time":1686513474297518,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686513474297518,"l3_proto":"ip4","src_ip":"66.228.166.55","dst_ip":"69.109.187.54","src_port":51471,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":443,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":437,"flow_packet_id":1,"flow_src_last_pkt_time":1686513474297518,"flow_dst_last_pkt_time":1686513474297518,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686513474297518,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPkRbVpC5KY3RW27NskPAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":443,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":437,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686513474297518,"flow_src_last_pkt_time":1686513474297518,"flow_dst_last_pkt_time":1686513474297518,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686513474297518,"l3_proto":"ip4","src_ip":"66.228.166.55","dst_ip":"69.109.187.54","src_port":51471,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":444,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":436,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686512676583485,"flow_src_last_pkt_time":1686512676583485,"flow_dst_last_pkt_time":1686512676583485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686513474297518,"l3_proto":"ip4","src_ip":"219.160.101.209","dst_ip":"90.141.37.56","src_port":55022,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":444,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":444,"packets-processed":443,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22931,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":437,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":437,"total-idle-flows":436,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2118,"global_ts_usec":1686525113247519} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":444,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":444,"packets-processed":443,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22931,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":437,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":437,"total-idle-flows":436,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2118,"global_ts_usec":1686525113247519} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":444,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":438,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686525113247519,"flow_src_last_pkt_time":1686525113247519,"flow_dst_last_pkt_time":1686525113247519,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686525113247519,"l3_proto":"ip4","src_ip":"172.237.152.209","dst_ip":"90.147.171.51","src_port":53093,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":444,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":438,"flow_packet_id":1,"flow_src_last_pkt_time":1686525113247519,"flow_dst_last_pkt_time":1686525113247519,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686525113247519,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXums7ZjRWpOrM89lAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":444,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":438,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686525113247519,"flow_src_last_pkt_time":1686525113247519,"flow_dst_last_pkt_time":1686525113247519,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686525113247519,"l3_proto":"ip4","src_ip":"172.237.152.209","dst_ip":"90.147.171.51","src_port":53093,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":445,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":437,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686513474297518,"flow_src_last_pkt_time":1686513474297518,"flow_dst_last_pkt_time":1686513474297518,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686525113247519,"l3_proto":"ip4","src_ip":"66.228.166.55","dst_ip":"69.109.187.54","src_port":51471,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":445,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":445,"packets-processed":444,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22960,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":438,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":438,"total-idle-flows":437,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2123,"global_ts_usec":1686526077263977} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":445,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":445,"packets-processed":444,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22960,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":438,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":438,"total-idle-flows":437,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2123,"global_ts_usec":1686526077263977} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":445,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":439,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686526077263977,"flow_src_last_pkt_time":1686526077263977,"flow_dst_last_pkt_time":1686526077263977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686526077263977,"l3_proto":"ip4","src_ip":"82.19.88.220","dst_ip":"186.112.202.53","src_port":49990,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":445,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":439,"flow_packet_id":1,"flow_src_last_pkt_time":1686526077263977,"flow_dst_last_pkt_time":1686526077263977,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686526077263977,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRX9pSE1jcunDKNcNGAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":445,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":439,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686526077263977,"flow_src_last_pkt_time":1686526077263977,"flow_dst_last_pkt_time":1686526077263977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686526077263977,"l3_proto":"ip4","src_ip":"82.19.88.220","dst_ip":"186.112.202.53","src_port":49990,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":446,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":438,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686525113247519,"flow_src_last_pkt_time":1686525113247519,"flow_dst_last_pkt_time":1686525113247519,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686526077263977,"l3_proto":"ip4","src_ip":"172.237.152.209","dst_ip":"90.147.171.51","src_port":53093,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":446,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":446,"packets-processed":445,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22989,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":439,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":439,"total-idle-flows":438,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2128,"global_ts_usec":1686529340012662} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":446,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":446,"packets-processed":445,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":22989,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":439,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":439,"total-idle-flows":438,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2128,"global_ts_usec":1686529340012662} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":446,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":440,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686529340012662,"flow_src_last_pkt_time":1686529340012662,"flow_dst_last_pkt_time":1686529340012662,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686529340012662,"l3_proto":"ip4","src_ip":"167.7.154.125","dst_ip":"90.141.37.56","src_port":2538,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":446,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":440,"flow_packet_id":1,"flow_src_last_pkt_time":1686529340012662,"flow_dst_last_pkt_time":1686529340012662,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686529340012662,"pkt":"3jHC4dyOPJTVQTiBCABFCABLCXUAACIRwTynB5p9Wo0lOAnqAasANxfiAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":446,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":440,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686529340012662,"flow_src_last_pkt_time":1686529340012662,"flow_dst_last_pkt_time":1686529340012662,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686529340012662,"l3_proto":"ip4","src_ip":"167.7.154.125","dst_ip":"90.141.37.56","src_port":2538,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":447,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":439,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686526077263977,"flow_src_last_pkt_time":1686526077263977,"flow_dst_last_pkt_time":1686526077263977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686529340012662,"l3_proto":"ip4","src_ip":"82.19.88.220","dst_ip":"186.112.202.53","src_port":49990,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":447,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":447,"packets-processed":446,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23036,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":440,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":440,"total-idle-flows":439,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2133,"global_ts_usec":1686547842864988} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":447,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":447,"packets-processed":446,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23036,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":440,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":440,"total-idle-flows":439,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2133,"global_ts_usec":1686547842864988} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":447,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":441,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686547842864988,"flow_src_last_pkt_time":1686547842864988,"flow_dst_last_pkt_time":1686547842864988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686547842864988,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"90.111.212.50","src_port":54057,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":447,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":441,"flow_packet_id":1,"flow_src_last_pkt_time":1686547842864988,"flow_dst_last_pkt_time":1686547842864988,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686547842864988,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXqPOzBhaWm\/UMtMpAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":447,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":441,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686547842864988,"flow_src_last_pkt_time":1686547842864988,"flow_dst_last_pkt_time":1686547842864988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686547842864988,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"90.111.212.50","src_port":54057,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":448,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":440,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686529340012662,"flow_src_last_pkt_time":1686529340012662,"flow_dst_last_pkt_time":1686529340012662,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686547842864988,"l3_proto":"ip4","src_ip":"167.7.154.125","dst_ip":"90.141.37.56","src_port":2538,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":448,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":448,"packets-processed":447,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23065,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":441,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":441,"total-idle-flows":440,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2138,"global_ts_usec":1686548676434879} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":448,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":448,"packets-processed":447,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23065,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":441,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":441,"total-idle-flows":440,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2138,"global_ts_usec":1686548676434879} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":448,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":442,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686548676434879,"flow_src_last_pkt_time":1686548676434879,"flow_dst_last_pkt_time":1686548676434879,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686548676434879,"l3_proto":"ip4","src_ip":"185.33.65.208","dst_ip":"74.111.203.55","src_port":52802,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":448,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":442,"flow_packet_id":1,"flow_src_last_pkt_time":1686548676434879,"flow_dst_last_pkt_time":1686548676434879,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686548676434879,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPoRbM+5IUHQSm\/LN85CAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":448,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":442,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686548676434879,"flow_src_last_pkt_time":1686548676434879,"flow_dst_last_pkt_time":1686548676434879,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686548676434879,"l3_proto":"ip4","src_ip":"185.33.65.208","dst_ip":"74.111.203.55","src_port":52802,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":449,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":441,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686547842864988,"flow_src_last_pkt_time":1686547842864988,"flow_dst_last_pkt_time":1686547842864988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686548676434879,"l3_proto":"ip4","src_ip":"206.204.24.90","dst_ip":"90.111.212.50","src_port":54057,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":449,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":449,"packets-processed":448,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23094,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":442,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":442,"total-idle-flows":441,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2143,"global_ts_usec":1686549393930759} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":449,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":449,"packets-processed":448,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23094,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":442,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":442,"total-idle-flows":441,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2143,"global_ts_usec":1686549393930759} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":449,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":443,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686549393930759,"flow_src_last_pkt_time":1686549393930759,"flow_dst_last_pkt_time":1686549393930759,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686549393930759,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"186.112.202.53","src_port":28374,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":449,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":443,"flow_packet_id":1,"flow_src_last_pkt_time":1686549393930759,"flow_dst_last_pkt_time":1686549393930759,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686549393930759,"pkt":"xmjqc4OdPJTVQTiBCABFCABLQj4AACQRhmwj\/EVxunDKNW7WAasAN7LuAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":449,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":443,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686549393930759,"flow_src_last_pkt_time":1686549393930759,"flow_dst_last_pkt_time":1686549393930759,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686549393930759,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"186.112.202.53","src_port":28374,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":442,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686548676434879,"flow_src_last_pkt_time":1686548676434879,"flow_dst_last_pkt_time":1686548676434879,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686549393930759,"l3_proto":"ip4","src_ip":"185.33.65.208","dst_ip":"74.111.203.55","src_port":52802,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":450,"packets-processed":449,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23141,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":443,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":443,"total-idle-flows":442,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2148,"global_ts_usec":1686554987062980} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":450,"packets-processed":449,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23141,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":443,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":443,"total-idle-flows":442,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2148,"global_ts_usec":1686554987062980} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":444,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686554987062980,"flow_src_last_pkt_time":1686554987062980,"flow_dst_last_pkt_time":1686554987062980,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686554987062980,"l3_proto":"ip4","src_ip":"47.236.248.231","dst_ip":"90.141.37.56","src_port":52985,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":444,"flow_packet_id":1,"flow_src_last_pkt_time":1686554987062980,"flow_dst_last_pkt_time":1686554987062980,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686554987062980,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPoRXvwv7PjnWo0lOM75AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":444,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686554987062980,"flow_src_last_pkt_time":1686554987062980,"flow_dst_last_pkt_time":1686554987062980,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686554987062980,"l3_proto":"ip4","src_ip":"47.236.248.231","dst_ip":"90.141.37.56","src_port":52985,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":443,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686549393930759,"flow_src_last_pkt_time":1686549393930759,"flow_dst_last_pkt_time":1686549393930759,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686554987062980,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"186.112.202.53","src_port":28374,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":451,"packets-processed":450,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23170,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":444,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":444,"total-idle-flows":443,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2153,"global_ts_usec":1686556816084247} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":451,"packets-processed":450,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23170,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":444,"total-detection-updates":0,"total-updates":81,"current-active-flows":1,"total-active-flows":444,"total-idle-flows":443,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2153,"global_ts_usec":1686556816084247} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":445,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686556816084247,"flow_src_last_pkt_time":1686556816084247,"flow_dst_last_pkt_time":1686556816084247,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686556816084247,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.111.212.50","src_port":43924,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":445,"flow_packet_id":1,"flow_src_last_pkt_time":1686556816084247,"flow_dst_last_pkt_time":1686556816084247,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686556816084247,"pkt":"AAwp30Y4PJTVQTiBCABFCAA11DEAAPERM4GtoQqtWm\/UMquUAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":445,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686556816084247,"flow_src_last_pkt_time":1686556816084247,"flow_dst_last_pkt_time":1686556816084247,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686556816084247,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.111.212.50","src_port":43924,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2164,7 +2164,7 @@ 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":453,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":447,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686557322938004,"flow_src_last_pkt_time":1686557322938004,"flow_dst_last_pkt_time":1686557322938004,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686557322938004,"l3_proto":"ip4","src_ip":"191.184.52.78","dst_ip":"90.111.212.50","src_port":64609,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":446,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686556919146434,"flow_src_last_pkt_time":1686556919146434,"flow_dst_last_pkt_time":1686556919146434,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686557322938004,"l3_proto":"ip4","src_ip":"185.213.154.138","dst_ip":"165.114.202.61","src_port":52528,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":445,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686556816084247,"flow_src_last_pkt_time":1686556816084247,"flow_dst_last_pkt_time":1686556816084247,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686557322938004,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.111.212.50","src_port":43924,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":454,"packets-processed":453,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23258,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":447,"total-detection-updates":0,"total-updates":82,"current-active-flows":1,"total-active-flows":447,"total-idle-flows":446,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2167,"global_ts_usec":1686557572392407} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":454,"packets-processed":453,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23258,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":447,"total-detection-updates":0,"total-updates":82,"current-active-flows":1,"total-active-flows":447,"total-idle-flows":446,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2167,"global_ts_usec":1686557572392407} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":448,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686557572392407,"flow_src_last_pkt_time":1686557572392407,"flow_dst_last_pkt_time":1686557572392407,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686557572392407,"l3_proto":"ip4","src_ip":"167.65.212.80","dst_ip":"165.144.84.62","src_port":3597,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":448,"flow_packet_id":1,"flow_src_last_pkt_time":1686557572392407,"flow_dst_last_pkt_time":1686557572392407,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686557572392407,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+j2xAADMREeWnQdRQpZBUPg4NAasAKrsAAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":448,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686557572392407,"flow_src_last_pkt_time":1686557572392407,"flow_dst_last_pkt_time":1686557572392407,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686557572392407,"l3_proto":"ip4","src_ip":"167.65.212.80","dst_ip":"165.144.84.62","src_port":3597,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2173,7 +2173,7 @@ 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":455,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":449,"flow_packet_id":1,"flow_src_last_pkt_time":1686558124354447,"flow_dst_last_pkt_time":1686558124354447,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686558124354447,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+H7dAADMRgZO5PsRKpXLKPcU1AasAKgPRAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":455,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":449,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558124354447,"flow_src_last_pkt_time":1686558124354447,"flow_dst_last_pkt_time":1686558124354447,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558124354447,"l3_proto":"ip4","src_ip":"185.62.196.74","dst_ip":"165.114.202.61","src_port":50485,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":448,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686557572392407,"flow_src_last_pkt_time":1686557572392407,"flow_dst_last_pkt_time":1686557572392407,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558124354447,"l3_proto":"ip4","src_ip":"167.65.212.80","dst_ip":"165.144.84.62","src_port":3597,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":456,"packets-processed":455,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23326,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":449,"total-detection-updates":0,"total-updates":82,"current-active-flows":1,"total-active-flows":449,"total-idle-flows":448,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2176,"global_ts_usec":1686558422116551} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":456,"packets-processed":455,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23326,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":449,"total-detection-updates":0,"total-updates":82,"current-active-flows":1,"total-active-flows":449,"total-idle-flows":448,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2176,"global_ts_usec":1686558422116551} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":450,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558422116551,"flow_src_last_pkt_time":1686558422116551,"flow_dst_last_pkt_time":1686558422116551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558422116551,"l3_proto":"ip4","src_ip":"167.65.212.80","dst_ip":"90.145.180.58","src_port":8856,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":450,"flow_packet_id":1,"flow_src_last_pkt_time":1686558422116551,"flow_dst_last_pkt_time":1686558422116551,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686558422116551,"pkt":"bs1PogZtPJTVQTiBCABFAAA+YlBAADMRPwOnQdRQWpG0OiKYAasAKqZ3AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":450,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558422116551,"flow_src_last_pkt_time":1686558422116551,"flow_dst_last_pkt_time":1686558422116551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558422116551,"l3_proto":"ip4","src_ip":"167.65.212.80","dst_ip":"90.145.180.58","src_port":8856,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2186,7 +2186,7 @@ 00943{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":458,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":452,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558852064997,"flow_src_last_pkt_time":1686558852064997,"flow_dst_last_pkt_time":1686558852064997,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558852064997,"l3_proto":"ip4","src_ip":"64.64.43.81","dst_ip":"90.141.37.56","src_port":58560,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":451,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558440675193,"flow_src_last_pkt_time":1686558440675193,"flow_dst_last_pkt_time":1686558440675193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558852064997,"l3_proto":"ip4","src_ip":"65.70.43.75","dst_ip":"74.111.203.55","src_port":46615,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":450,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686558422116551,"flow_src_last_pkt_time":1686558422116551,"flow_dst_last_pkt_time":1686558422116551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686558852064997,"l3_proto":"ip4","src_ip":"167.65.212.80","dst_ip":"90.145.180.58","src_port":8856,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":459,"packets-processed":458,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23428,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":452,"total-detection-updates":0,"total-updates":82,"current-active-flows":1,"total-active-flows":452,"total-idle-flows":451,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2189,"global_ts_usec":1686559367388486} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":459,"packets-processed":458,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23428,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":452,"total-detection-updates":0,"total-updates":82,"current-active-flows":1,"total-active-flows":452,"total-idle-flows":451,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2189,"global_ts_usec":1686559367388486} 00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":453,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559367388486,"flow_src_last_pkt_time":1686559367388486,"flow_dst_last_pkt_time":1686559367388486,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686559367388486,"l3_proto":"ip4","src_ip":"65.70.43.75","dst_ip":"85.111.52.57","src_port":24868,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":453,"flow_packet_id":1,"flow_src_last_pkt_time":1686559367388486,"flow_dst_last_pkt_time":1686559367388486,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686559367388486,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+tTJAADMR7B1BRitLVW80OWEkAasAKmfoAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00943{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":453,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559367388486,"flow_src_last_pkt_time":1686559367388486,"flow_dst_last_pkt_time":1686559367388486,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686559367388486,"l3_proto":"ip4","src_ip":"65.70.43.75","dst_ip":"85.111.52.57","src_port":24868,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2195,7 +2195,7 @@ 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":454,"flow_packet_id":1,"flow_src_last_pkt_time":1686559497105642,"flow_dst_last_pkt_time":1686559497105642,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686559497105642,"pkt":"bpHurUgdPJTVQTiBCABFAAA+H+JAADMRgXenQdRQRW27Nj+eAasAKol3AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":454,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559497105642,"flow_src_last_pkt_time":1686559497105642,"flow_dst_last_pkt_time":1686559497105642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686559497105642,"l3_proto":"ip4","src_ip":"167.65.212.80","dst_ip":"69.109.187.54","src_port":16286,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":461,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":453,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559367388486,"flow_src_last_pkt_time":1686559367388486,"flow_dst_last_pkt_time":1686559367388486,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686559497105642,"l3_proto":"ip4","src_ip":"65.70.43.75","dst_ip":"85.111.52.57","src_port":24868,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":461,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":461,"packets-processed":460,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23496,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":454,"total-detection-updates":0,"total-updates":83,"current-active-flows":2,"total-active-flows":454,"total-idle-flows":452,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2198,"global_ts_usec":1686559998830359} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":461,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":461,"packets-processed":460,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23496,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":454,"total-detection-updates":0,"total-updates":83,"current-active-flows":2,"total-active-flows":454,"total-idle-flows":452,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2198,"global_ts_usec":1686559998830359} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":461,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":455,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559998830359,"flow_src_last_pkt_time":1686559998830359,"flow_dst_last_pkt_time":1686559998830359,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686559998830359,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"74.111.203.55","src_port":2631,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":461,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":455,"flow_packet_id":1,"flow_src_last_pkt_time":1686559998830359,"flow_dst_last_pkt_time":1686559998830359,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686559998830359,"pkt":"ipffLU2SPJTVQTiBCABFAABLXmYAACYRdcAid3p+Sm\/LNwpHAasANyTyAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":461,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":455,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559998830359,"flow_src_last_pkt_time":1686559998830359,"flow_dst_last_pkt_time":1686559998830359,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686559998830359,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"74.111.203.55","src_port":2631,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2205,7 +2205,7 @@ 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":462,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":456,"flow_packet_id":1,"flow_src_last_pkt_time":1686560166108940,"flow_dst_last_pkt_time":1686560166108940,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686560166108940,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXo\/TMphPpZBUPtg8AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":462,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":456,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686560166108940,"flow_src_last_pkt_time":1686560166108940,"flow_dst_last_pkt_time":1686560166108940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686560166108940,"l3_proto":"ip4","src_ip":"211.50.152.79","dst_ip":"165.144.84.62","src_port":55356,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":455,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686559998830359,"flow_src_last_pkt_time":1686559998830359,"flow_dst_last_pkt_time":1686559998830359,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686560166108940,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"74.111.203.55","src_port":2631,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":463,"packets-processed":462,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23572,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":456,"total-detection-updates":0,"total-updates":84,"current-active-flows":2,"total-active-flows":456,"total-idle-flows":454,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2208,"global_ts_usec":1686560793652859} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":463,"packets-processed":462,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23572,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":456,"total-detection-updates":0,"total-updates":84,"current-active-flows":2,"total-active-flows":456,"total-idle-flows":454,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2208,"global_ts_usec":1686560793652859} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":457,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686560793652859,"flow_src_last_pkt_time":1686560793652859,"flow_dst_last_pkt_time":1686560793652859,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686560793652859,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"186.112.202.53","src_port":45539,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":457,"flow_packet_id":1,"flow_src_last_pkt_time":1686560793652859,"flow_dst_last_pkt_time":1686560793652859,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686560793652859,"pkt":"xmjqc4OdPJTVQTiBCABFCAA11DEAAPERM36toQqtunDKNbHjAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":457,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686560793652859,"flow_src_last_pkt_time":1686560793652859,"flow_dst_last_pkt_time":1686560793652859,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686560793652859,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"186.112.202.53","src_port":45539,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2224,14 +2224,14 @@ 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":466,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":460,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561147477324,"flow_src_last_pkt_time":1686561147477324,"flow_dst_last_pkt_time":1686561147477324,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686561147477324,"l3_proto":"ip4","src_ip":"209.239.135.211","dst_ip":"85.111.52.57","src_port":55124,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":458,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561012661463,"flow_src_last_pkt_time":1686561012661463,"flow_dst_last_pkt_time":1686561012661463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686561147477324,"l3_proto":"ip4","src_ip":"88.185.36.86","dst_ip":"90.147.171.51","src_port":4763,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":459,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561057684079,"flow_src_last_pkt_time":1686561057684079,"flow_dst_last_pkt_time":1686561057684079,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686561147477324,"l3_proto":"ip4","src_ip":"94.64.218.76","dst_ip":"186.112.202.53","src_port":16452,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":467,"packets-processed":466,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23694,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":460,"total-detection-updates":0,"total-updates":87,"current-active-flows":3,"total-active-flows":460,"total-idle-flows":457,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2227,"global_ts_usec":1686562035943293} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":467,"packets-processed":466,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23694,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":460,"total-detection-updates":0,"total-updates":87,"current-active-flows":3,"total-active-flows":460,"total-idle-flows":457,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2227,"global_ts_usec":1686562035943293} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":461,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686562035943293,"flow_src_last_pkt_time":1686562035943293,"flow_dst_last_pkt_time":1686562035943293,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686562035943293,"l3_proto":"ip4","src_ip":"226.128.122.118","dst_ip":"90.145.180.58","src_port":58464,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":461,"flow_packet_id":1,"flow_src_last_pkt_time":1686562035943293,"flow_dst_last_pkt_time":1686562035943293,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686562035943293,"pkt":"bs1PogZtPJTVQTiBCABFAABLyDkAACcRCuPigHp2WpG0OuRgAasAN0rOAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":461,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686562035943293,"flow_src_last_pkt_time":1686562035943293,"flow_dst_last_pkt_time":1686562035943293,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686562035943293,"l3_proto":"ip4","src_ip":"226.128.122.118","dst_ip":"90.145.180.58","src_port":58464,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":460,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561147477324,"flow_src_last_pkt_time":1686561147477324,"flow_dst_last_pkt_time":1686561147477324,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686562035943293,"l3_proto":"ip4","src_ip":"209.239.135.211","dst_ip":"85.111.52.57","src_port":55124,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":458,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561012661463,"flow_src_last_pkt_time":1686561012661463,"flow_dst_last_pkt_time":1686561012661463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686562035943293,"l3_proto":"ip4","src_ip":"88.185.36.86","dst_ip":"90.147.171.51","src_port":4763,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":459,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686561057684079,"flow_src_last_pkt_time":1686561057684079,"flow_dst_last_pkt_time":1686561057684079,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686562035943293,"l3_proto":"ip4","src_ip":"94.64.218.76","dst_ip":"186.112.202.53","src_port":16452,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":468,"packets-processed":467,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23741,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":461,"total-detection-updates":0,"total-updates":87,"current-active-flows":1,"total-active-flows":461,"total-idle-flows":460,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2234,"global_ts_usec":1686565369552713} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":468,"packets-processed":467,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23741,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":461,"total-detection-updates":0,"total-updates":87,"current-active-flows":1,"total-active-flows":461,"total-idle-flows":460,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2234,"global_ts_usec":1686565369552713} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":462,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686565369552713,"flow_src_last_pkt_time":1686565369552713,"flow_dst_last_pkt_time":1686565369552713,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686565369552713,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"165.114.202.61","src_port":51324,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":462,"flow_packet_id":1,"flow_src_last_pkt_time":1686565369552713,"flow_dst_last_pkt_time":1686565369552713,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686565369552713,"pkt":"AAwp30Y4PJTVQTiBCABFAABL95AAACcR25EiZn14pXLKPch8AasAN2a4AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00954{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":462,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686565369552713,"flow_src_last_pkt_time":1686565369552713,"flow_dst_last_pkt_time":1686565369552713,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686565369552713,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"165.114.202.61","src_port":51324,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2240,13 +2240,13 @@ 00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":469,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":463,"flow_packet_id":1,"flow_src_last_pkt_time":1686565439403208,"flow_dst_last_pkt_time":1686565439403208,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686565439403208,"pkt":"AAwp30Y4PJTVQTiBCABFBAA11DEAAOURP3utoQqtpZBUPqVAAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":469,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":463,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686565439403208,"flow_src_last_pkt_time":1686565439403208,"flow_dst_last_pkt_time":1686565439403208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686565439403208,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"165.144.84.62","src_port":42304,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00995{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":462,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686565369552713,"flow_src_last_pkt_time":1686565369552713,"flow_dst_last_pkt_time":1686565369552713,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686565439403208,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"165.114.202.61","src_port":51324,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":470,"packets-processed":469,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23813,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":463,"total-detection-updates":0,"total-updates":88,"current-active-flows":2,"total-active-flows":463,"total-idle-flows":461,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2243,"global_ts_usec":1686572533804714} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":470,"packets-processed":469,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23813,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":463,"total-detection-updates":0,"total-updates":88,"current-active-flows":2,"total-active-flows":463,"total-idle-flows":461,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2243,"global_ts_usec":1686572533804714} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":464,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686572533804714,"flow_src_last_pkt_time":1686572533804714,"flow_dst_last_pkt_time":1686572533804714,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686572533804714,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.145.180.58","src_port":53096,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":464,"flow_packet_id":1,"flow_src_last_pkt_time":1686572533804714,"flow_dst_last_pkt_time":1686572533804714,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686572533804714,"pkt":"bs1PogZtPJTVQTiBCABFCAA11DEAAPERM3mtoQqtWpG0Os9oAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":464,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686572533804714,"flow_src_last_pkt_time":1686572533804714,"flow_dst_last_pkt_time":1686572533804714,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686572533804714,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.145.180.58","src_port":53096,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00993{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":471,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":462,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686565369552713,"flow_src_last_pkt_time":1686565369552713,"flow_dst_last_pkt_time":1686565369552713,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686572533804714,"l3_proto":"ip4","src_ip":"34.102.125.120","dst_ip":"165.114.202.61","src_port":51324,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":471,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":463,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686565439403208,"flow_src_last_pkt_time":1686565439403208,"flow_dst_last_pkt_time":1686565439403208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686572533804714,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"165.144.84.62","src_port":42304,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":471,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":471,"packets-processed":470,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23838,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":464,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":464,"total-idle-flows":463,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2249,"global_ts_usec":1686582591141391} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":471,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":471,"packets-processed":470,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":23838,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":464,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":464,"total-idle-flows":463,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2249,"global_ts_usec":1686582591141391} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":471,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":465,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686582591141391,"flow_src_last_pkt_time":1686582591141391,"flow_dst_last_pkt_time":1686582591141391,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686582591141391,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"85.111.52.57","src_port":51824,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":471,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":465,"flow_packet_id":1,"flow_src_last_pkt_time":1686582591141391,"flow_dst_last_pkt_time":1686582591141391,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686582591141391,"pkt":"moT+\/Ph8PJTVQTiBCABFAAB+1DEAAPIRCxGGtJCVVW80OcpwAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":471,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":465,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686582591141391,"flow_src_last_pkt_time":1686582591141391,"flow_dst_last_pkt_time":1686582591141391,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686582591141391,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"85.111.52.57","src_port":51824,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2259,17 +2259,17 @@ 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":473,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":467,"flow_packet_id":1,"flow_src_last_pkt_time":1686583068043463,"flow_dst_last_pkt_time":1686583068043463,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686583068043463,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPIRpTYtg6GYWm\/UMuIEAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":473,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":467,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686583068043463,"flow_src_last_pkt_time":1686583068043463,"flow_dst_last_pkt_time":1686583068043463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686583068043463,"l3_proto":"ip4","src_ip":"45.131.161.152","dst_ip":"90.111.212.50","src_port":57860,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":474,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":466,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686582817928624,"flow_src_last_pkt_time":1686582817928624,"flow_dst_last_pkt_time":1686582817928624,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686583068043463,"l3_proto":"ip4","src_ip":"236.131.162.157","dst_ip":"90.147.171.51","src_port":35531,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":474,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":474,"packets-processed":473,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24132,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":467,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":467,"total-idle-flows":466,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2262,"global_ts_usec":1686583896993524} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":474,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":474,"packets-processed":473,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24132,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":467,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":467,"total-idle-flows":466,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2262,"global_ts_usec":1686583896993524} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":474,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":468,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686583896993524,"flow_src_last_pkt_time":1686583896993524,"flow_dst_last_pkt_time":1686583896993524,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686583896993524,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.141.37.56","src_port":60345,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":474,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":468,"flow_packet_id":1,"flow_src_last_pkt_time":1686583896993524,"flow_dst_last_pkt_time":1686583896993524,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686583896993524,"pkt":"3jHC4dyOPJTVQTiBCABFBAA11DEAAOURP4CtoQqtWo0lOOu5AasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":474,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":468,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686583896993524,"flow_src_last_pkt_time":1686583896993524,"flow_dst_last_pkt_time":1686583896993524,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686583896993524,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.141.37.56","src_port":60345,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":475,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":467,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686583068043463,"flow_src_last_pkt_time":1686583068043463,"flow_dst_last_pkt_time":1686583068043463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686583896993524,"l3_proto":"ip4","src_ip":"45.131.161.152","dst_ip":"90.111.212.50","src_port":57860,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":475,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":475,"packets-processed":474,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24157,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":468,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":468,"total-idle-flows":467,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2267,"global_ts_usec":1686585375283341} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":475,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":475,"packets-processed":474,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24157,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":468,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":468,"total-idle-flows":467,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2267,"global_ts_usec":1686585375283341} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":475,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":469,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686585375283341,"flow_src_last_pkt_time":1686585375283341,"flow_dst_last_pkt_time":1686585375283341,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686585375283341,"l3_proto":"ip4","src_ip":"16.99.147.146","dst_ip":"90.141.37.56","src_port":60624,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":475,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":469,"flow_packet_id":1,"flow_src_last_pkt_time":1686585375283341,"flow_dst_last_pkt_time":1686585375283341,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686585375283341,"pkt":"3jHC4dyOPJTVQTiBCABFAAB+1DEAAPMRpScQY5OSWo0lOOzQAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":475,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":469,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686585375283341,"flow_src_last_pkt_time":1686585375283341,"flow_dst_last_pkt_time":1686585375283341,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686585375283341,"l3_proto":"ip4","src_ip":"16.99.147.146","dst_ip":"90.141.37.56","src_port":60624,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":476,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":468,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686583896993524,"flow_src_last_pkt_time":1686583896993524,"flow_dst_last_pkt_time":1686583896993524,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686585375283341,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.141.37.56","src_port":60345,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":476,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":476,"packets-processed":475,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24255,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":469,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":469,"total-idle-flows":468,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2272,"global_ts_usec":1686586012577392} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":476,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":476,"packets-processed":475,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24255,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":469,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":469,"total-idle-flows":468,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2272,"global_ts_usec":1686586012577392} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":476,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":470,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686586012577392,"flow_src_last_pkt_time":1686586012577392,"flow_dst_last_pkt_time":1686586012577392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686586012577392,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.144.84.62","src_port":50595,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":476,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":470,"flow_packet_id":1,"flow_src_last_pkt_time":1686586012577392,"flow_dst_last_pkt_time":1686586012577392,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686586012577392,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPIRCwa2tHiLpZBUPsWjAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":476,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":470,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686586012577392,"flow_src_last_pkt_time":1686586012577392,"flow_dst_last_pkt_time":1686586012577392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686586012577392,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.144.84.62","src_port":50595,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2278,22 +2278,22 @@ 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":477,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":471,"flow_packet_id":1,"flow_src_last_pkt_time":1686586604126248,"flow_dst_last_pkt_time":1686586604126248,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686586604126248,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpSUTY5OUpXLKPeRUAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":477,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":471,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686586604126248,"flow_src_last_pkt_time":1686586604126248,"flow_dst_last_pkt_time":1686586604126248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686586604126248,"l3_proto":"ip4","src_ip":"19.99.147.148","dst_ip":"165.114.202.61","src_port":58452,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":478,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":470,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686586012577392,"flow_src_last_pkt_time":1686586012577392,"flow_dst_last_pkt_time":1686586012577392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686586604126248,"l3_proto":"ip4","src_ip":"182.180.120.139","dst_ip":"165.144.84.62","src_port":50595,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":478,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":478,"packets-processed":477,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24451,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":471,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":471,"total-idle-flows":470,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2281,"global_ts_usec":1686588963792964} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":478,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":478,"packets-processed":477,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24451,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":471,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":471,"total-idle-flows":470,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2281,"global_ts_usec":1686588963792964} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":478,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":472,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686588963792964,"flow_src_last_pkt_time":1686588963792964,"flow_dst_last_pkt_time":1686588963792964,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686588963792964,"l3_proto":"ip4","src_ip":"210.124.156.149","dst_ip":"69.109.187.54","src_port":52931,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":478,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":472,"flow_packet_id":1,"flow_src_last_pkt_time":1686588963792964,"flow_dst_last_pkt_time":1686588963792964,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686588963792964,"pkt":"bpHurUgdPJTVQTiBCABFAAB+1DEAAPIRpS3SfJyVRW27Ns7DAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":478,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":472,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686588963792964,"flow_src_last_pkt_time":1686588963792964,"flow_dst_last_pkt_time":1686588963792964,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686588963792964,"l3_proto":"ip4","src_ip":"210.124.156.149","dst_ip":"69.109.187.54","src_port":52931,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":479,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":471,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686586604126248,"flow_src_last_pkt_time":1686586604126248,"flow_dst_last_pkt_time":1686586604126248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686588963792964,"l3_proto":"ip4","src_ip":"19.99.147.148","dst_ip":"165.114.202.61","src_port":58452,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":479,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":479,"packets-processed":478,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24549,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":472,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":472,"total-idle-flows":471,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2286,"global_ts_usec":1686590370864320} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":479,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":479,"packets-processed":478,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24549,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":472,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":472,"total-idle-flows":471,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2286,"global_ts_usec":1686590370864320} 00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":479,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":473,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686590370864320,"flow_src_last_pkt_time":1686590370864320,"flow_dst_last_pkt_time":1686590370864320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686590370864320,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":57887,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":479,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":473,"flow_packet_id":1,"flow_src_last_pkt_time":1686590370864320,"flow_dst_last_pkt_time":1686590370864320,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686590370864320,"pkt":"xmjqc4OdPJTVQTiBCABFAAB+1DEAAPIRCxSGtJCVunDKNeIfAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00949{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":479,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":473,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686590370864320,"flow_src_last_pkt_time":1686590370864320,"flow_dst_last_pkt_time":1686590370864320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686590370864320,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":57887,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":480,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":472,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686588963792964,"flow_src_last_pkt_time":1686588963792964,"flow_dst_last_pkt_time":1686588963792964,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686590370864320,"l3_proto":"ip4","src_ip":"210.124.156.149","dst_ip":"69.109.187.54","src_port":52931,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":480,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":480,"packets-processed":479,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24647,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":473,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":473,"total-idle-flows":472,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2291,"global_ts_usec":1686591026824273} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":480,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":480,"packets-processed":479,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24647,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":473,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":473,"total-idle-flows":472,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2291,"global_ts_usec":1686591026824273} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":480,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":474,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686591026824273,"flow_src_last_pkt_time":1686591026824273,"flow_dst_last_pkt_time":1686591026824273,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686591026824273,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"74.111.203.55","src_port":56968,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":480,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":474,"flow_packet_id":1,"flow_src_last_pkt_time":1686591026824273,"flow_dst_last_pkt_time":1686591026824273,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686591026824273,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAO0RD9G4tKjwSm\/LN96IAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":480,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":474,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686591026824273,"flow_src_last_pkt_time":1686591026824273,"flow_dst_last_pkt_time":1686591026824273,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686591026824273,"l3_proto":"ip4","src_ip":"184.180.168.240","dst_ip":"74.111.203.55","src_port":56968,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":481,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":473,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686590370864320,"flow_src_last_pkt_time":1686590370864320,"flow_dst_last_pkt_time":1686590370864320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686591026824273,"l3_proto":"ip4","src_ip":"134.180.144.149","dst_ip":"186.112.202.53","src_port":57887,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":481,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":481,"packets-processed":480,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24745,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":474,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":474,"total-idle-flows":473,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2296,"global_ts_usec":1686591654230904} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":481,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":481,"packets-processed":480,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24745,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":474,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":474,"total-idle-flows":473,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2296,"global_ts_usec":1686591654230904} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":481,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":475,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686591654230904,"flow_src_last_pkt_time":1686591654230904,"flow_dst_last_pkt_time":1686591654230904,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686591654230904,"l3_proto":"ip4","src_ip":"16.131.191.144","dst_ip":"90.145.180.58","src_port":57563,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":481,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":475,"flow_packet_id":1,"flow_src_last_pkt_time":1686591654230904,"flow_dst_last_pkt_time":1686591654230904,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686591654230904,"pkt":"bs1PogZtPJTVQTiBCABFAAB+1DEAAPIRpSYQg7+QWpG0OuDbAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":481,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":475,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686591654230904,"flow_src_last_pkt_time":1686591654230904,"flow_dst_last_pkt_time":1686591654230904,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686591654230904,"l3_proto":"ip4","src_ip":"16.131.191.144","dst_ip":"90.145.180.58","src_port":57563,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2302,27 +2302,27 @@ 00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":482,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":476,"flow_packet_id":1,"flow_src_last_pkt_time":1686592164666841,"flow_dst_last_pkt_time":1686592164666841,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686592164666841,"pkt":"AAwp30Y4PJTVQTiBCABFCAA11DEAAPERM3atoQqtpXLKPYGrAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":482,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":476,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686592164666841,"flow_src_last_pkt_time":1686592164666841,"flow_dst_last_pkt_time":1686592164666841,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686592164666841,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"165.114.202.61","src_port":33195,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":483,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":475,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686591654230904,"flow_src_last_pkt_time":1686591654230904,"flow_dst_last_pkt_time":1686591654230904,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686592164666841,"l3_proto":"ip4","src_ip":"16.131.191.144","dst_ip":"90.145.180.58","src_port":57563,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":483,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":483,"packets-processed":482,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24868,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":476,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":476,"total-idle-flows":475,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2305,"global_ts_usec":1686592363602889} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":483,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":483,"packets-processed":482,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24868,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":476,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":476,"total-idle-flows":475,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2305,"global_ts_usec":1686592363602889} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":483,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":477,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686592363602889,"flow_src_last_pkt_time":1686592363602889,"flow_dst_last_pkt_time":1686592363602889,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686592363602889,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.147.171.51","src_port":48688,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":483,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":477,"flow_packet_id":1,"flow_src_last_pkt_time":1686592363602889,"flow_dst_last_pkt_time":1686592363602889,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686592363602889,"pkt":"AAwp30Y4PJTVQTiBCABFCAA11DEAAPERM4KtoQqtWpOrM74wAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":483,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":477,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686592363602889,"flow_src_last_pkt_time":1686592363602889,"flow_dst_last_pkt_time":1686592363602889,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686592363602889,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.147.171.51","src_port":48688,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":484,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":476,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686592164666841,"flow_src_last_pkt_time":1686592164666841,"flow_dst_last_pkt_time":1686592164666841,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686592363602889,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"165.114.202.61","src_port":33195,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":484,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":484,"packets-processed":483,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24893,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":477,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":477,"total-idle-flows":476,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2310,"global_ts_usec":1686596322335333} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":484,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":484,"packets-processed":483,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24893,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":477,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":477,"total-idle-flows":476,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2310,"global_ts_usec":1686596322335333} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":484,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":478,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686596322335333,"flow_src_last_pkt_time":1686596322335333,"flow_dst_last_pkt_time":1686596322335333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686596322335333,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"165.144.84.62","src_port":41269,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":484,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":478,"flow_packet_id":1,"flow_src_last_pkt_time":1686596322335333,"flow_dst_last_pkt_time":1686596322335333,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686596322335333,"pkt":"AAwp30Y4PJTVQTiBCABFCABLns0AACQRJZHnJlLdpZBUPqE1AasAN3xDAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":484,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":478,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686596322335333,"flow_src_last_pkt_time":1686596322335333,"flow_dst_last_pkt_time":1686596322335333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686596322335333,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"165.144.84.62","src_port":41269,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":485,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":477,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686592363602889,"flow_src_last_pkt_time":1686592363602889,"flow_dst_last_pkt_time":1686592363602889,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686596322335333,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"90.147.171.51","src_port":48688,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":485,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":485,"packets-processed":484,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24940,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":478,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":478,"total-idle-flows":477,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2315,"global_ts_usec":1686602955779893} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":485,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":485,"packets-processed":484,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24940,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":478,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":478,"total-idle-flows":477,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2315,"global_ts_usec":1686602955779893} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":485,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":479,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686602955779893,"flow_src_last_pkt_time":1686602955779893,"flow_dst_last_pkt_time":1686602955779893,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686602955779893,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"69.109.187.54","src_port":14173,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":485,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":479,"flow_packet_id":1,"flow_src_last_pkt_time":1686602955779893,"flow_dst_last_pkt_time":1686602955779893,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686602955779893,"pkt":"bpHurUgdPJTVQTiBCABFCABLVG4AACIRdj0j\/EVxRW27NjddAasAN+poAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":485,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":479,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686602955779893,"flow_src_last_pkt_time":1686602955779893,"flow_dst_last_pkt_time":1686602955779893,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686602955779893,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"69.109.187.54","src_port":14173,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":486,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":478,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686596322335333,"flow_src_last_pkt_time":1686596322335333,"flow_dst_last_pkt_time":1686596322335333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686602955779893,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"165.144.84.62","src_port":41269,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":486,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":486,"packets-processed":485,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24987,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":479,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":479,"total-idle-flows":478,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2320,"global_ts_usec":1686608660321945} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":486,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":486,"packets-processed":485,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":24987,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":479,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":479,"total-idle-flows":478,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2320,"global_ts_usec":1686608660321945} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":486,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":480,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686608660321945,"flow_src_last_pkt_time":1686608660321945,"flow_dst_last_pkt_time":1686608660321945,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686608660321945,"l3_proto":"ip4","src_ip":"173.19.223.218","dst_ip":"85.111.52.57","src_port":54527,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":486,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":480,"flow_packet_id":1,"flow_src_last_pkt_time":1686608660321945,"flow_dst_last_pkt_time":1686608660321945,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686608660321945,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPoRXtitE9\/aVW80OdT\/AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":486,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":480,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686608660321945,"flow_src_last_pkt_time":1686608660321945,"flow_dst_last_pkt_time":1686608660321945,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686608660321945,"l3_proto":"ip4","src_ip":"173.19.223.218","dst_ip":"85.111.52.57","src_port":54527,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":479,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686602955779893,"flow_src_last_pkt_time":1686602955779893,"flow_dst_last_pkt_time":1686602955779893,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686608660321945,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"69.109.187.54","src_port":14173,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":487,"packets-processed":486,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25016,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":480,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":480,"total-idle-flows":479,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2325,"global_ts_usec":1686612659801075} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":487,"packets-processed":486,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25016,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":480,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":480,"total-idle-flows":479,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2325,"global_ts_usec":1686612659801075} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":481,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686612659801075,"flow_src_last_pkt_time":1686612659801075,"flow_dst_last_pkt_time":1686612659801075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686612659801075,"l3_proto":"ip4","src_ip":"208.243.248.212","dst_ip":"90.145.180.58","src_port":52104,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":481,"flow_packet_id":1,"flow_src_last_pkt_time":1686612659801075,"flow_dst_last_pkt_time":1686612659801075,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686612659801075,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPoRXtrQ8\/jUWpG0OsuIAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":481,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686612659801075,"flow_src_last_pkt_time":1686612659801075,"flow_dst_last_pkt_time":1686612659801075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686612659801075,"l3_proto":"ip4","src_ip":"208.243.248.212","dst_ip":"90.145.180.58","src_port":52104,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2331,12 +2331,12 @@ 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":488,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":482,"flow_packet_id":1,"flow_src_last_pkt_time":1686613204876638,"flow_dst_last_pkt_time":1686613204876638,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686613204876638,"pkt":"AAwp30Y4PJTVQTiBCABFCABL8UEAACIR2W0nO4t5pXLKPUanAasAN9siAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":488,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":482,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686613204876638,"flow_src_last_pkt_time":1686613204876638,"flow_dst_last_pkt_time":1686613204876638,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686613204876638,"l3_proto":"ip4","src_ip":"39.59.139.121","dst_ip":"165.114.202.61","src_port":18087,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":481,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686612659801075,"flow_src_last_pkt_time":1686612659801075,"flow_dst_last_pkt_time":1686612659801075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686613204876638,"l3_proto":"ip4","src_ip":"208.243.248.212","dst_ip":"90.145.180.58","src_port":52104,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":489,"packets-processed":488,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25092,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":482,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":482,"total-idle-flows":481,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2334,"global_ts_usec":1686615481954219} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":489,"packets-processed":488,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25092,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":482,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":482,"total-idle-flows":481,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2334,"global_ts_usec":1686615481954219} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":483,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686615481954219,"flow_src_last_pkt_time":1686615481954219,"flow_dst_last_pkt_time":1686615481954219,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686615481954219,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"69.109.187.54","src_port":33095,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":483,"flow_packet_id":1,"flow_src_last_pkt_time":1686615481954219,"flow_dst_last_pkt_time":1686615481954219,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686615481954219,"pkt":"bpHurUgdPJTVQTiBCABFCAA11DEAAPERM3+toQqtRW27NoFHAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":483,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686615481954219,"flow_src_last_pkt_time":1686615481954219,"flow_dst_last_pkt_time":1686615481954219,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686615481954219,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"69.109.187.54","src_port":33095,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":482,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686613204876638,"flow_src_last_pkt_time":1686613204876638,"flow_dst_last_pkt_time":1686613204876638,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686615481954219,"l3_proto":"ip4","src_ip":"39.59.139.121","dst_ip":"165.114.202.61","src_port":18087,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":490,"packets-processed":489,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25117,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":483,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":483,"total-idle-flows":482,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2339,"global_ts_usec":1686616634395567} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":490,"packets-processed":489,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25117,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":483,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":483,"total-idle-flows":482,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2339,"global_ts_usec":1686616634395567} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":484,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686616634395567,"flow_src_last_pkt_time":1686616634395567,"flow_dst_last_pkt_time":1686616634395567,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686616634395567,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"85.111.52.57","src_port":42481,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":484,"flow_packet_id":1,"flow_src_last_pkt_time":1686616634395567,"flow_dst_last_pkt_time":1686616634395567,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686616634395567,"pkt":"moT+\/Ph8PJTVQTiBCABFBAA11DEAAOURP3+toQqtVW80OaXxAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":484,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686616634395567,"flow_src_last_pkt_time":1686616634395567,"flow_dst_last_pkt_time":1686616634395567,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686616634395567,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"85.111.52.57","src_port":42481,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2345,12 +2345,12 @@ 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":491,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":485,"flow_packet_id":1,"flow_src_last_pkt_time":1686617105964842,"flow_dst_last_pkt_time":1686617105964842,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686617105964842,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbgVG0kSqWm\/UMsPJAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":491,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686617105964842,"flow_src_last_pkt_time":1686617105964842,"flow_dst_last_pkt_time":1686617105964842,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686617105964842,"l3_proto":"ip4","src_ip":"70.210.68.170","dst_ip":"90.111.212.50","src_port":50121,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":484,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686616634395567,"flow_src_last_pkt_time":1686616634395567,"flow_dst_last_pkt_time":1686616634395567,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686617105964842,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"85.111.52.57","src_port":42481,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":492,"packets-processed":491,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25171,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":485,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":485,"total-idle-flows":484,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2348,"global_ts_usec":1686621073847677} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":492,"packets-processed":491,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25171,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":485,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":485,"total-idle-flows":484,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2348,"global_ts_usec":1686621073847677} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686621073847677,"flow_src_last_pkt_time":1686621073847677,"flow_dst_last_pkt_time":1686621073847677,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686621073847677,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"90.145.180.58","src_port":51729,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":486,"flow_packet_id":1,"flow_src_last_pkt_time":1686621073847677,"flow_dst_last_pkt_time":1686621073847677,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686621073847677,"pkt":"bs1PogZtPJTVQTiBCABFCABLfhMAACIRTJ3jx1p6WpG0OsoRAasAN1e5AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686621073847677,"flow_src_last_pkt_time":1686621073847677,"flow_dst_last_pkt_time":1686621073847677,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686621073847677,"l3_proto":"ip4","src_ip":"227.199.90.122","dst_ip":"90.145.180.58","src_port":51729,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":493,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686617105964842,"flow_src_last_pkt_time":1686617105964842,"flow_dst_last_pkt_time":1686617105964842,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686621073847677,"l3_proto":"ip4","src_ip":"70.210.68.170","dst_ip":"90.111.212.50","src_port":50121,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":493,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":493,"packets-processed":492,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25218,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":486,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":486,"total-idle-flows":485,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2353,"global_ts_usec":1686621999752750} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":493,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":493,"packets-processed":492,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25218,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":486,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":486,"total-idle-flows":485,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2353,"global_ts_usec":1686621999752750} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":493,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":487,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686621999752750,"flow_src_last_pkt_time":1686621999752750,"flow_dst_last_pkt_time":1686621999752750,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686621999752750,"l3_proto":"ip4","src_ip":"161.231.128.245","dst_ip":"74.111.203.55","src_port":56820,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":493,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":487,"flow_packet_id":1,"flow_src_last_pkt_time":1686621999752750,"flow_dst_last_pkt_time":1686621999752750,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686621999752750,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPkRbdmh54D1Sm\/LN930AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":493,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":487,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686621999752750,"flow_src_last_pkt_time":1686621999752750,"flow_dst_last_pkt_time":1686621999752750,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686621999752750,"l3_proto":"ip4","src_ip":"161.231.128.245","dst_ip":"74.111.203.55","src_port":56820,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2359,22 +2359,22 @@ 00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":494,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":488,"flow_packet_id":1,"flow_src_last_pkt_time":1686622450094352,"flow_dst_last_pkt_time":1686622450094352,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":67,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":67,"pkt_l4_len":33,"thread_ts_usec":1686622450094352,"pkt":"ipffLU2SPJTVQTiBCABFBAA11DEAAOURP4StoQqtSm\/LN9dbAasAIQAAAQkAGQAAZW4AA5T9AAD\/\/wAHZGVmYXVsdA=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":494,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":488,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686622450094352,"flow_src_last_pkt_time":1686622450094352,"flow_dst_last_pkt_time":1686622450094352,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686622450094352,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"74.111.203.55","src_port":55131,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":495,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":487,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686621999752750,"flow_src_last_pkt_time":1686621999752750,"flow_dst_last_pkt_time":1686621999752750,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686622450094352,"l3_proto":"ip4","src_ip":"161.231.128.245","dst_ip":"74.111.203.55","src_port":56820,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":495,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":495,"packets-processed":494,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25272,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":488,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":488,"total-idle-flows":487,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2362,"global_ts_usec":1686623052095688} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":495,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":495,"packets-processed":494,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25272,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":488,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":488,"total-idle-flows":487,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2362,"global_ts_usec":1686623052095688} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":495,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":489,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686623052095688,"flow_src_last_pkt_time":1686623052095688,"flow_dst_last_pkt_time":1686623052095688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686623052095688,"l3_proto":"ip4","src_ip":"99.199.77.211","dst_ip":"165.114.202.61","src_port":14222,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":495,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":489,"flow_packet_id":1,"flow_src_last_pkt_time":1686623052095688,"flow_dst_last_pkt_time":1686623052095688,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686623052095688,"pkt":"AAwp30Y4PJTVQTiBCABFCABLa\/IAACQRWHZjx03TpXLKPTeOAasAN+X0AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":495,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":489,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686623052095688,"flow_src_last_pkt_time":1686623052095688,"flow_dst_last_pkt_time":1686623052095688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686623052095688,"l3_proto":"ip4","src_ip":"99.199.77.211","dst_ip":"165.114.202.61","src_port":14222,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":496,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":488,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686622450094352,"flow_src_last_pkt_time":1686622450094352,"flow_dst_last_pkt_time":1686622450094352,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686623052095688,"l3_proto":"ip4","src_ip":"173.161.10.173","dst_ip":"74.111.203.55","src_port":55131,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":496,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":496,"packets-processed":495,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25319,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":489,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":489,"total-idle-flows":488,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2367,"global_ts_usec":1686623787230359} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":496,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":496,"packets-processed":495,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25319,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":489,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":489,"total-idle-flows":488,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2367,"global_ts_usec":1686623787230359} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":496,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":490,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686623787230359,"flow_src_last_pkt_time":1686623787230359,"flow_dst_last_pkt_time":1686623787230359,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686623787230359,"l3_proto":"ip4","src_ip":"222.41.7.222","dst_ip":"90.147.171.51","src_port":55970,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":496,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":490,"flow_packet_id":1,"flow_src_last_pkt_time":1686623787230359,"flow_dst_last_pkt_time":1686623787230359,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686623787230359,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbcPeKQfeWpOrM9qiAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":496,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":490,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686623787230359,"flow_src_last_pkt_time":1686623787230359,"flow_dst_last_pkt_time":1686623787230359,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686623787230359,"l3_proto":"ip4","src_ip":"222.41.7.222","dst_ip":"90.147.171.51","src_port":55970,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":489,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686623052095688,"flow_src_last_pkt_time":1686623052095688,"flow_dst_last_pkt_time":1686623052095688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686623787230359,"l3_proto":"ip4","src_ip":"99.199.77.211","dst_ip":"165.114.202.61","src_port":14222,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":497,"packets-processed":496,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25348,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":490,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":490,"total-idle-flows":489,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2372,"global_ts_usec":1686625900350760} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":497,"packets-processed":496,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25348,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":490,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":490,"total-idle-flows":489,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2372,"global_ts_usec":1686625900350760} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":491,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686625900350760,"flow_src_last_pkt_time":1686625900350760,"flow_dst_last_pkt_time":1686625900350760,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686625900350760,"l3_proto":"ip4","src_ip":"89.28.95.249","dst_ip":"165.144.84.62","src_port":56710,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":491,"flow_packet_id":1,"flow_src_last_pkt_time":1686625900350760,"flow_dst_last_pkt_time":1686625900350760,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686625900350760,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbc1ZHF\/5pZBUPt2GAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":491,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686625900350760,"flow_src_last_pkt_time":1686625900350760,"flow_dst_last_pkt_time":1686625900350760,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686625900350760,"l3_proto":"ip4","src_ip":"89.28.95.249","dst_ip":"165.144.84.62","src_port":56710,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":490,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686623787230359,"flow_src_last_pkt_time":1686623787230359,"flow_dst_last_pkt_time":1686623787230359,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686625900350760,"l3_proto":"ip4","src_ip":"222.41.7.222","dst_ip":"90.147.171.51","src_port":55970,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":498,"packets-processed":497,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25377,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":491,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":491,"total-idle-flows":490,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2377,"global_ts_usec":1686628530442979} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":498,"packets-processed":497,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25377,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":491,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":491,"total-idle-flows":490,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2377,"global_ts_usec":1686628530442979} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":492,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686628530442979,"flow_src_last_pkt_time":1686628530442979,"flow_dst_last_pkt_time":1686628530442979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686628530442979,"l3_proto":"ip4","src_ip":"85.47.224.171","dst_ip":"74.111.203.55","src_port":16312,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":492,"flow_packet_id":1,"flow_src_last_pkt_time":1686628530442979,"flow_dst_last_pkt_time":1686628530442979,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686628530442979,"pkt":"ipffLU2SPJTVQTiBCABFAAA+QgFAADQR6spVL+CrSm\/LNz+4AasAKhXQAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":492,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686628530442979,"flow_src_last_pkt_time":1686628530442979,"flow_dst_last_pkt_time":1686628530442979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686628530442979,"l3_proto":"ip4","src_ip":"85.47.224.171","dst_ip":"74.111.203.55","src_port":16312,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2387,12 +2387,12 @@ 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":500,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":494,"flow_packet_id":1,"flow_src_last_pkt_time":1686629067407805,"flow_dst_last_pkt_time":1686629067407805,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686629067407805,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+joxAADQRnjdKjiiuWo0lOCkgAasAKixgAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":500,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":494,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686629067407805,"flow_src_last_pkt_time":1686629067407805,"flow_dst_last_pkt_time":1686629067407805,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686629067407805,"l3_proto":"ip4","src_ip":"74.142.40.174","dst_ip":"90.141.37.56","src_port":10528,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":501,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":493,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686628814387687,"flow_src_last_pkt_time":1686628814387687,"flow_dst_last_pkt_time":1686628814387687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686629067407805,"l3_proto":"ip4","src_ip":"85.47.224.171","dst_ip":"165.144.84.62","src_port":46040,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":501,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":501,"packets-processed":500,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25479,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":494,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":494,"total-idle-flows":493,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2390,"global_ts_usec":1686629318462692} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":501,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":501,"packets-processed":500,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25479,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":494,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":494,"total-idle-flows":493,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2390,"global_ts_usec":1686629318462692} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":501,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":495,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686629318462692,"flow_src_last_pkt_time":1686629318462692,"flow_dst_last_pkt_time":1686629318462692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686629318462692,"l3_proto":"ip4","src_ip":"85.174.88.154","dst_ip":"69.109.187.54","src_port":20504,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":501,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":495,"flow_packet_id":1,"flow_src_last_pkt_time":1686629318462692,"flow_dst_last_pkt_time":1686629318462692,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686629318462692,"pkt":"bpHurUgdPJTVQTiBCABFAAA+O+VAADQR8QlVrliaRW27NlAYAasAKgWTAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":501,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":495,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686629318462692,"flow_src_last_pkt_time":1686629318462692,"flow_dst_last_pkt_time":1686629318462692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686629318462692,"l3_proto":"ip4","src_ip":"85.174.88.154","dst_ip":"69.109.187.54","src_port":20504,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":502,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":494,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686629067407805,"flow_src_last_pkt_time":1686629067407805,"flow_dst_last_pkt_time":1686629067407805,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686629318462692,"l3_proto":"ip4","src_ip":"74.142.40.174","dst_ip":"90.141.37.56","src_port":10528,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":502,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":502,"packets-processed":501,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25513,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":495,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":495,"total-idle-flows":494,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2395,"global_ts_usec":1686629919351142} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":502,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":502,"packets-processed":501,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25513,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":495,"total-detection-updates":0,"total-updates":88,"current-active-flows":1,"total-active-flows":495,"total-idle-flows":494,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2395,"global_ts_usec":1686629919351142} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":502,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":496,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686629919351142,"flow_src_last_pkt_time":1686629919351142,"flow_dst_last_pkt_time":1686629919351142,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686629919351142,"l3_proto":"ip4","src_ip":"170.238.168.143","dst_ip":"85.111.52.57","src_port":62476,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":502,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":496,"flow_packet_id":1,"flow_src_last_pkt_time":1686629919351142,"flow_dst_last_pkt_time":1686629919351142,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686629919351142,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+qEdAADQRhJOq7qiPVW80OfQMAasAKmGKAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":502,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":496,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686629919351142,"flow_src_last_pkt_time":1686629919351142,"flow_dst_last_pkt_time":1686629919351142,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686629919351142,"l3_proto":"ip4","src_ip":"170.238.168.143","dst_ip":"85.111.52.57","src_port":62476,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2408,29 +2408,29 @@ 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":505,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":499,"flow_packet_id":1,"flow_src_last_pkt_time":1686630458164673,"flow_dst_last_pkt_time":1686630458164673,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686630458164673,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+D4ZAADQRHSyq8yi6pXLKPYrIAasAKsqlAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":505,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":499,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630458164673,"flow_src_last_pkt_time":1686630458164673,"flow_dst_last_pkt_time":1686630458164673,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630458164673,"l3_proto":"ip4","src_ip":"170.243.40.186","dst_ip":"165.114.202.61","src_port":35528,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":497,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630406259808,"flow_src_last_pkt_time":1686630406259808,"flow_dst_last_pkt_time":1686630406259808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630458164673,"l3_proto":"ip4","src_ip":"170.18.87.162","dst_ip":"186.112.202.53","src_port":58469,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":506,"packets-processed":505,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25649,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":499,"total-detection-updates":0,"total-updates":89,"current-active-flows":3,"total-active-flows":499,"total-idle-flows":496,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2411,"global_ts_usec":1686630725136169} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":506,"packets-processed":505,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25649,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":499,"total-detection-updates":0,"total-updates":89,"current-active-flows":3,"total-active-flows":499,"total-idle-flows":496,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2411,"global_ts_usec":1686630725136169} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":500,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630725136169,"flow_src_last_pkt_time":1686630725136169,"flow_dst_last_pkt_time":1686630725136169,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630725136169,"l3_proto":"ip4","src_ip":"74.239.16.156","dst_ip":"90.145.180.58","src_port":46464,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":500,"flow_packet_id":1,"flow_src_last_pkt_time":1686630725136169,"flow_dst_last_pkt_time":1686630725136169,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686630725136169,"pkt":"bs1PogZtPJTVQTiBCABFAAA+gpBAADQRqlxK7xCcWpG0OrWAAasAKqAoAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":500,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630725136169,"flow_src_last_pkt_time":1686630725136169,"flow_dst_last_pkt_time":1686630725136169,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630725136169,"l3_proto":"ip4","src_ip":"74.239.16.156","dst_ip":"90.145.180.58","src_port":46464,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":498,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630430100534,"flow_src_last_pkt_time":1686630430100534,"flow_dst_last_pkt_time":1686630430100534,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630725136169,"l3_proto":"ip4","src_ip":"85.47.224.171","dst_ip":"90.111.212.50","src_port":16312,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":497,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630406259808,"flow_src_last_pkt_time":1686630406259808,"flow_dst_last_pkt_time":1686630406259808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630725136169,"l3_proto":"ip4","src_ip":"170.18.87.162","dst_ip":"186.112.202.53","src_port":58469,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":499,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630458164673,"flow_src_last_pkt_time":1686630458164673,"flow_dst_last_pkt_time":1686630458164673,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686630725136169,"l3_proto":"ip4","src_ip":"170.243.40.186","dst_ip":"165.114.202.61","src_port":35528,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":507,"packets-processed":506,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25683,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":500,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":500,"total-idle-flows":499,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2418,"global_ts_usec":1686633699223089} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":507,"packets-processed":506,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25683,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":500,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":500,"total-idle-flows":499,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2418,"global_ts_usec":1686633699223089} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":501,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686633699223089,"flow_src_last_pkt_time":1686633699223089,"flow_dst_last_pkt_time":1686633699223089,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686633699223089,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":46588,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":501,"flow_packet_id":1,"flow_src_last_pkt_time":1686633699223089,"flow_dst_last_pkt_time":1686633699223089,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686633699223089,"pkt":"AAwp30Y4PJTVQTiBCABFCABL7LwAACIR3egjAGRzpZBUPrX8AasAN2vDAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":501,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686633699223089,"flow_src_last_pkt_time":1686633699223089,"flow_dst_last_pkt_time":1686633699223089,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686633699223089,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":46588,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":508,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":500,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686630725136169,"flow_src_last_pkt_time":1686630725136169,"flow_dst_last_pkt_time":1686630725136169,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686633699223089,"l3_proto":"ip4","src_ip":"74.239.16.156","dst_ip":"90.145.180.58","src_port":46464,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":508,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":508,"packets-processed":507,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25730,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":501,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":501,"total-idle-flows":500,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2423,"global_ts_usec":1686635615867515} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":508,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":508,"packets-processed":507,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25730,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":501,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":501,"total-idle-flows":500,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2423,"global_ts_usec":1686635615867515} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":508,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":502,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686635615867515,"flow_src_last_pkt_time":1686635615867515,"flow_dst_last_pkt_time":1686635615867515,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686635615867515,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.147.171.51","src_port":17542,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":508,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":502,"flow_packet_id":1,"flow_src_last_pkt_time":1686635615867515,"flow_dst_last_pkt_time":1686635615867515,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686635615867515,"pkt":"AAwp30Y4PJTVQTiBCABFCABLHKcAACQRp8jjhlHUWpOrM0SGAasAN9kDAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":508,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":502,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686635615867515,"flow_src_last_pkt_time":1686635615867515,"flow_dst_last_pkt_time":1686635615867515,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686635615867515,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.147.171.51","src_port":17542,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":501,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686633699223089,"flow_src_last_pkt_time":1686633699223089,"flow_dst_last_pkt_time":1686633699223089,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686635615867515,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"165.144.84.62","src_port":46588,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":509,"packets-processed":508,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25777,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":502,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":502,"total-idle-flows":501,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2428,"global_ts_usec":1686645708313834} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":509,"packets-processed":508,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25777,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":502,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":502,"total-idle-flows":501,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2428,"global_ts_usec":1686645708313834} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":503,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686645708313834,"flow_src_last_pkt_time":1686645708313834,"flow_dst_last_pkt_time":1686645708313834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686645708313834,"l3_proto":"ip4","src_ip":"93.36.35.136","dst_ip":"165.114.202.61","src_port":56600,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":503,"flow_packet_id":1,"flow_src_last_pkt_time":1686645708313834,"flow_dst_last_pkt_time":1686645708313834,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686645708313834,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbhVdJCOIpXLKPd0YAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":503,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686645708313834,"flow_src_last_pkt_time":1686645708313834,"flow_dst_last_pkt_time":1686645708313834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686645708313834,"l3_proto":"ip4","src_ip":"93.36.35.136","dst_ip":"165.114.202.61","src_port":56600,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":510,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":502,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686635615867515,"flow_src_last_pkt_time":1686635615867515,"flow_dst_last_pkt_time":1686635615867515,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686645708313834,"l3_proto":"ip4","src_ip":"227.134.81.212","dst_ip":"90.147.171.51","src_port":17542,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":510,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":510,"packets-processed":509,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25806,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":503,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":503,"total-idle-flows":502,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2433,"global_ts_usec":1686648509180305} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":510,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":510,"packets-processed":509,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25806,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":503,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":503,"total-idle-flows":502,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2433,"global_ts_usec":1686648509180305} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":510,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":504,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686648509180305,"flow_src_last_pkt_time":1686648509180305,"flow_dst_last_pkt_time":1686648509180305,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686648509180305,"l3_proto":"ip4","src_ip":"76.50.135.245","dst_ip":"90.141.37.56","src_port":51836,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":510,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":504,"flow_packet_id":1,"flow_src_last_pkt_time":1686648509180305,"flow_dst_last_pkt_time":1686648509180305,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686648509180305,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPoRXu5MMof1Wo0lOMp8AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":510,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":504,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686648509180305,"flow_src_last_pkt_time":1686648509180305,"flow_dst_last_pkt_time":1686648509180305,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686648509180305,"l3_proto":"ip4","src_ip":"76.50.135.245","dst_ip":"90.141.37.56","src_port":51836,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2439,17 +2439,17 @@ 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":511,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":505,"flow_packet_id":1,"flow_src_last_pkt_time":1686648822385793,"flow_dst_last_pkt_time":1686648822385793,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686648822385793,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPoRbOVFJOfmRW27NthOAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":511,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":505,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686648822385793,"flow_src_last_pkt_time":1686648822385793,"flow_dst_last_pkt_time":1686648822385793,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686648822385793,"l3_proto":"ip4","src_ip":"69.36.231.230","dst_ip":"69.109.187.54","src_port":55374,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":512,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":504,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686648509180305,"flow_src_last_pkt_time":1686648509180305,"flow_dst_last_pkt_time":1686648509180305,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686648822385793,"l3_proto":"ip4","src_ip":"76.50.135.245","dst_ip":"90.141.37.56","src_port":51836,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":512,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":512,"packets-processed":511,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25864,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":505,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":505,"total-idle-flows":504,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2442,"global_ts_usec":1686659729108378} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":512,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":512,"packets-processed":511,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25864,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":505,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":505,"total-idle-flows":504,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2442,"global_ts_usec":1686659729108378} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":512,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":506,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686659729108378,"flow_src_last_pkt_time":1686659729108378,"flow_dst_last_pkt_time":1686659729108378,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686659729108378,"l3_proto":"ip4","src_ip":"122.122.167.9","dst_ip":"90.141.37.56","src_port":43646,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":512,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":506,"flow_packet_id":1,"flow_src_last_pkt_time":1686659729108378,"flow_dst_last_pkt_time":1686659729108378,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686659729108378,"pkt":"3jHC4dyOPJTVQTiBCABFCABSFQsAAO0Rd7F6eqcJWo0lOKp+AasAPpZZAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":512,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":506,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686659729108378,"flow_src_last_pkt_time":1686659729108378,"flow_dst_last_pkt_time":1686659729108378,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686659729108378,"l3_proto":"ip4","src_ip":"122.122.167.9","dst_ip":"90.141.37.56","src_port":43646,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":505,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686648822385793,"flow_src_last_pkt_time":1686648822385793,"flow_dst_last_pkt_time":1686648822385793,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686659729108378,"l3_proto":"ip4","src_ip":"69.36.231.230","dst_ip":"69.109.187.54","src_port":55374,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":513,"packets-processed":512,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25918,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":506,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":506,"total-idle-flows":505,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2447,"global_ts_usec":1686665626336271} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":513,"packets-processed":512,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25918,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":506,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":506,"total-idle-flows":505,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2447,"global_ts_usec":1686665626336271} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":507,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686665626336271,"flow_src_last_pkt_time":1686665626336271,"flow_dst_last_pkt_time":1686665626336271,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686665626336271,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":48498,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":507,"flow_packet_id":1,"flow_src_last_pkt_time":1686665626336271,"flow_dst_last_pkt_time":1686665626336271,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686665626336271,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLHIH5CepXLKPb1yAasAJSz9AgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":507,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686665626336271,"flow_src_last_pkt_time":1686665626336271,"flow_dst_last_pkt_time":1686665626336271,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686665626336271,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":48498,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":514,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":506,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686659729108378,"flow_src_last_pkt_time":1686659729108378,"flow_dst_last_pkt_time":1686659729108378,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686665626336271,"l3_proto":"ip4","src_ip":"122.122.167.9","dst_ip":"90.141.37.56","src_port":43646,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":514,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":514,"packets-processed":513,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25947,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":507,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":507,"total-idle-flows":506,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2452,"global_ts_usec":1686666893687687} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":514,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":514,"packets-processed":513,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":25947,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":507,"total-detection-updates":0,"total-updates":89,"current-active-flows":1,"total-active-flows":507,"total-idle-flows":506,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2452,"global_ts_usec":1686666893687687} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":514,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":508,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686666893687687,"flow_src_last_pkt_time":1686666893687687,"flow_dst_last_pkt_time":1686666893687687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686666893687687,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":35848,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":514,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":508,"flow_packet_id":1,"flow_src_last_pkt_time":1686666893687687,"flow_dst_last_pkt_time":1686666893687687,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686666893687687,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPURKLTIH5CeWpG0OowIAasAJV5qAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":514,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":508,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686666893687687,"flow_src_last_pkt_time":1686666893687687,"flow_dst_last_pkt_time":1686666893687687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686666893687687,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":35848,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2458,7 +2458,7 @@ 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":515,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":509,"flow_packet_id":1,"flow_src_last_pkt_time":1686666997632966,"flow_dst_last_pkt_time":1686666997632966,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686666997632966,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPURKLrIH5CeRW27NpV4AasAJVUAAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":515,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":509,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686666997632966,"flow_src_last_pkt_time":1686666997632966,"flow_dst_last_pkt_time":1686666997632966,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686666997632966,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":38264,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":516,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":508,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686666893687687,"flow_src_last_pkt_time":1686666893687687,"flow_dst_last_pkt_time":1686666893687687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686666997632966,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.145.180.58","src_port":35848,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":516,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":516,"packets-processed":515,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":26005,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":509,"total-detection-updates":0,"total-updates":90,"current-active-flows":2,"total-active-flows":509,"total-idle-flows":507,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2461,"global_ts_usec":1686668729813725} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":516,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":516,"packets-processed":515,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":26005,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":509,"total-detection-updates":0,"total-updates":90,"current-active-flows":2,"total-active-flows":509,"total-idle-flows":507,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2461,"global_ts_usec":1686668729813725} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":516,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":510,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686668729813725,"flow_src_last_pkt_time":1686668729813725,"flow_dst_last_pkt_time":1686668729813725,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686668729813725,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":49404,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":516,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":510,"flow_packet_id":1,"flow_src_last_pkt_time":1686668729813725,"flow_dst_last_pkt_time":1686668729813725,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686668729813725,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPURKLbIH5CeVW80OcD8AasAJSl4AgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":516,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":510,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686668729813725,"flow_src_last_pkt_time":1686668729813725,"flow_dst_last_pkt_time":1686668729813725,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686668729813725,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":49404,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2468,7 +2468,7 @@ 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":517,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":511,"flow_packet_id":1,"flow_src_last_pkt_time":1686668903038990,"flow_dst_last_pkt_time":1686668903038990,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686668903038990,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPMRpTfvg6CYWpOrM57NAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":517,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":511,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686668903038990,"flow_src_last_pkt_time":1686668903038990,"flow_dst_last_pkt_time":1686668903038990,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686668903038990,"l3_proto":"ip4","src_ip":"239.131.160.152","dst_ip":"90.147.171.51","src_port":40653,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":518,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":510,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686668729813725,"flow_src_last_pkt_time":1686668729813725,"flow_dst_last_pkt_time":1686668729813725,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686668903038990,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"85.111.52.57","src_port":49404,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":518,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":518,"packets-processed":517,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":26132,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":511,"total-detection-updates":0,"total-updates":91,"current-active-flows":2,"total-active-flows":511,"total-idle-flows":509,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2471,"global_ts_usec":1686669522645622} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":518,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":518,"packets-processed":517,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":26132,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":511,"total-detection-updates":0,"total-updates":91,"current-active-flows":2,"total-active-flows":511,"total-idle-flows":509,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2471,"global_ts_usec":1686669522645622} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":518,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":512,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686669522645622,"flow_src_last_pkt_time":1686669522645622,"flow_dst_last_pkt_time":1686669522645622,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686669522645622,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":33216,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":518,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":512,"flow_packet_id":1,"flow_src_last_pkt_time":1686669522645622,"flow_dst_last_pkt_time":1686669522645622,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686669522645622,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLLIH5CepZBUPoHAAasAJWiwAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":518,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":512,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686669522645622,"flow_src_last_pkt_time":1686669522645622,"flow_dst_last_pkt_time":1686669522645622,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686669522645622,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":33216,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2481,7 +2481,7 @@ 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":520,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":514,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686669802055928,"flow_src_last_pkt_time":1686669802055928,"flow_dst_last_pkt_time":1686669802055928,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686669802055928,"l3_proto":"ip4","src_ip":"237.132.176.136","dst_ip":"74.111.203.55","src_port":51278,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00646{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":520,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":514,"flow_packet_id":1,"flow_src_last_pkt_time":1686669802055928,"flow_dst_last_pkt_time":1686669802055928,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686669802055928,"pkt":"ipffLU2SPJTVQTiBCABFAAB+1DEAAPIRpSnthLCISm\/LN8hOAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":520,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":514,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686669802055928,"flow_src_last_pkt_time":1686669802055928,"flow_dst_last_pkt_time":1686669802055928,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686669802055928,"l3_proto":"ip4","src_ip":"237.132.176.136","dst_ip":"74.111.203.55","src_port":51278,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":521,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":521,"packets-processed":520,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":26288,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":514,"total-detection-updates":0,"total-updates":91,"current-active-flows":2,"total-active-flows":514,"total-idle-flows":512,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2484,"global_ts_usec":1686670236730839} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":521,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":521,"packets-processed":520,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":26288,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":514,"total-detection-updates":0,"total-updates":91,"current-active-flows":2,"total-active-flows":514,"total-idle-flows":512,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2484,"global_ts_usec":1686670236730839} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":521,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":515,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686670236730839,"flow_src_last_pkt_time":1686670236730839,"flow_dst_last_pkt_time":1686670236730839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686670236730839,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"186.112.202.53","src_port":50377,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":521,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":515,"flow_packet_id":1,"flow_src_last_pkt_time":1686670236730839,"flow_dst_last_pkt_time":1686670236730839,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686670236730839,"pkt":"xmjqc4OdPJTVQTiBCABFAAB+1DEAAPMRCZP2S2hzunDKNcTJAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":521,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":515,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686670236730839,"flow_src_last_pkt_time":1686670236730839,"flow_dst_last_pkt_time":1686670236730839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686670236730839,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"186.112.202.53","src_port":50377,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2495,7 +2495,7 @@ 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":523,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":517,"flow_packet_id":1,"flow_src_last_pkt_time":1686670830957645,"flow_dst_last_pkt_time":1686670830957645,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686670830957645,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPURKLnIH5CeunDKNbxnAasAJS4QAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":523,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":517,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686670830957645,"flow_src_last_pkt_time":1686670830957645,"flow_dst_last_pkt_time":1686670830957645,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686670830957645,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"186.112.202.53","src_port":48231,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":524,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":516,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686670733471596,"flow_src_last_pkt_time":1686670733471596,"flow_dst_last_pkt_time":1686670733471596,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686670830957645,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"165.144.84.62","src_port":51457,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":524,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":524,"packets-processed":523,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":26513,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":517,"total-detection-updates":0,"total-updates":92,"current-active-flows":2,"total-active-flows":517,"total-idle-flows":515,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2498,"global_ts_usec":1686671088394461} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":524,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":524,"packets-processed":523,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":26513,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":517,"total-detection-updates":0,"total-updates":92,"current-active-flows":2,"total-active-flows":517,"total-idle-flows":515,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2498,"global_ts_usec":1686671088394461} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":524,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":518,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686671088394461,"flow_src_last_pkt_time":1686671088394461,"flow_dst_last_pkt_time":1686671088394461,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686671088394461,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":55658,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":524,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":518,"flow_packet_id":1,"flow_src_last_pkt_time":1686671088394461,"flow_dst_last_pkt_time":1686671088394461,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686671088394461,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPURKLvIH5CeSm\/LN9lqAasAJREPAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":524,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":518,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686671088394461,"flow_src_last_pkt_time":1686671088394461,"flow_dst_last_pkt_time":1686671088394461,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686671088394461,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":55658,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2505,12 +2505,12 @@ 00647{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":525,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":519,"flow_packet_id":1,"flow_src_last_pkt_time":1686671667122633,"flow_dst_last_pkt_time":1686671667122633,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686671667122633,"pkt":"AAwp30Y4PJTVQTiBCABFAAB+1DEAAPARDNFGtG\/xWm\/UMuPMAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":525,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":519,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686671667122633,"flow_src_last_pkt_time":1686671667122633,"flow_dst_last_pkt_time":1686671667122633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686671667122633,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"90.111.212.50","src_port":58316,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":526,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":518,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686671088394461,"flow_src_last_pkt_time":1686671088394461,"flow_dst_last_pkt_time":1686671088394461,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686671667122633,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":55658,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":526,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":526,"packets-processed":525,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":26640,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":519,"total-detection-updates":0,"total-updates":92,"current-active-flows":1,"total-active-flows":519,"total-idle-flows":518,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2508,"global_ts_usec":1686672644862134} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":526,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":526,"packets-processed":525,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":26640,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":519,"total-detection-updates":0,"total-updates":92,"current-active-flows":1,"total-active-flows":519,"total-idle-flows":518,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2508,"global_ts_usec":1686672644862134} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":526,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":520,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686672644862134,"flow_src_last_pkt_time":1686672644862134,"flow_dst_last_pkt_time":1686672644862134,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686672644862134,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":45270,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":526,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":520,"flow_packet_id":1,"flow_src_last_pkt_time":1686672644862134,"flow_dst_last_pkt_time":1686672644862134,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686672644862134,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLzIH5CeWm\/UMrDWAasAJTmkAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":526,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":520,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686672644862134,"flow_src_last_pkt_time":1686672644862134,"flow_dst_last_pkt_time":1686672644862134,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686672644862134,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":45270,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":527,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":519,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686671667122633,"flow_src_last_pkt_time":1686671667122633,"flow_dst_last_pkt_time":1686671667122633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686672644862134,"l3_proto":"ip4","src_ip":"70.180.111.241","dst_ip":"90.111.212.50","src_port":58316,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":527,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":527,"packets-processed":526,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":26669,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":520,"total-detection-updates":0,"total-updates":92,"current-active-flows":1,"total-active-flows":520,"total-idle-flows":519,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2513,"global_ts_usec":1686675995117787} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":527,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":527,"packets-processed":526,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":26669,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":520,"total-detection-updates":0,"total-updates":92,"current-active-flows":1,"total-active-flows":520,"total-idle-flows":519,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2513,"global_ts_usec":1686675995117787} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":527,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":521,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686675995117787,"flow_src_last_pkt_time":1686675995117787,"flow_dst_last_pkt_time":1686675995117787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686675995117787,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"69.109.187.54","src_port":54554,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":527,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":521,"flow_packet_id":1,"flow_src_last_pkt_time":1686675995117787,"flow_dst_last_pkt_time":1686675995117787,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686675995117787,"pkt":"bpHurUgdPJTVQTiBCABFAAB+1DEAAPMRCZPItJByRW27NtUaAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":527,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":521,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686675995117787,"flow_src_last_pkt_time":1686675995117787,"flow_dst_last_pkt_time":1686675995117787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686675995117787,"l3_proto":"ip4","src_ip":"200.180.144.114","dst_ip":"69.109.187.54","src_port":54554,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2523,43 +2523,43 @@ 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":529,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":523,"flow_packet_id":1,"flow_src_last_pkt_time":1686676562888350,"flow_dst_last_pkt_time":1686676562888350,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"thread_ts_usec":1686676562888350,"pkt":"3jHC4dyOPJTVQTiBCABFAAB+1DEAAPMRCZH2S2hzWo0lOOAVAasAagAAAgMAAGJAAAAAAIgRAAJlbgABLAAVc2xwVGVzdDovL3Rlc3Q6MzEzMzcvAAApc2xwVGVzdDovL3Rlc3Q6MzEzMzcvYWFhYWFhYWFhYWFhYWFhYWFhYWEAB2RlZmF1bHQAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":529,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":523,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686676562888350,"flow_src_last_pkt_time":1686676562888350,"flow_dst_last_pkt_time":1686676562888350,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686676562888350,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.141.37.56","src_port":57365,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":530,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":522,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686676477972093,"flow_src_last_pkt_time":1686676477972093,"flow_dst_last_pkt_time":1686676477972093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686676562888350,"l3_proto":"ip4","src_ip":"208.123.176.154","dst_ip":"85.111.52.57","src_port":56229,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":530,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":530,"packets-processed":529,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":26963,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":523,"total-detection-updates":0,"total-updates":93,"current-active-flows":2,"total-active-flows":523,"total-idle-flows":521,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2526,"global_ts_usec":1686680332589205} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":530,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":530,"packets-processed":529,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":26963,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":523,"total-detection-updates":0,"total-updates":93,"current-active-flows":2,"total-active-flows":523,"total-idle-flows":521,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2526,"global_ts_usec":1686680332589205} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":530,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":524,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686680332589205,"flow_src_last_pkt_time":1686680332589205,"flow_dst_last_pkt_time":1686680332589205,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686680332589205,"l3_proto":"ip4","src_ip":"194.23.249.243","dst_ip":"74.111.203.55","src_port":54741,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":530,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":524,"flow_packet_id":1,"flow_src_last_pkt_time":1686680332589205,"flow_dst_last_pkt_time":1686680332589205,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686680332589205,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPkRbdzCF\/nzSm\/LN9XVAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":530,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":524,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686680332589205,"flow_src_last_pkt_time":1686680332589205,"flow_dst_last_pkt_time":1686680332589205,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686680332589205,"l3_proto":"ip4","src_ip":"194.23.249.243","dst_ip":"74.111.203.55","src_port":54741,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":523,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686676562888350,"flow_src_last_pkt_time":1686676562888350,"flow_dst_last_pkt_time":1686676562888350,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686680332589205,"l3_proto":"ip4","src_ip":"246.75.104.115","dst_ip":"90.141.37.56","src_port":57365,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":522,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686676477972093,"flow_src_last_pkt_time":1686676477972093,"flow_dst_last_pkt_time":1686676477972093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":98,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":98,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":98,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686680332589205,"l3_proto":"ip4","src_ip":"208.123.176.154","dst_ip":"85.111.52.57","src_port":56229,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":531,"packets-processed":530,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":26992,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":524,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":524,"total-idle-flows":523,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2532,"global_ts_usec":1686682695732816} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":531,"packets-processed":530,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":26992,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":524,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":524,"total-idle-flows":523,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2532,"global_ts_usec":1686682695732816} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":525,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686682695732816,"flow_src_last_pkt_time":1686682695732816,"flow_dst_last_pkt_time":1686682695732816,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686682695732816,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"165.144.84.62","src_port":53358,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":525,"flow_packet_id":1,"flow_src_last_pkt_time":1686682695732816,"flow_dst_last_pkt_time":1686682695732816,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686682695732816,"pkt":"AAwp30Y4PJTVQTiBCABFAABL3fsAACcR9RylgP10pZBUPtBuAasAN168AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":525,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686682695732816,"flow_src_last_pkt_time":1686682695732816,"flow_dst_last_pkt_time":1686682695732816,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686682695732816,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"165.144.84.62","src_port":53358,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":524,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686680332589205,"flow_src_last_pkt_time":1686680332589205,"flow_dst_last_pkt_time":1686680332589205,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686682695732816,"l3_proto":"ip4","src_ip":"194.23.249.243","dst_ip":"74.111.203.55","src_port":54741,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":532,"packets-processed":531,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27039,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":525,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":525,"total-idle-flows":524,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2537,"global_ts_usec":1686684959984610} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":532,"packets-processed":531,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27039,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":525,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":525,"total-idle-flows":524,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2537,"global_ts_usec":1686684959984610} 00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":526,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686684959984610,"flow_src_last_pkt_time":1686684959984610,"flow_dst_last_pkt_time":1686684959984610,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686684959984610,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"186.112.202.53","src_port":11982,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":526,"flow_packet_id":1,"flow_src_last_pkt_time":1686684959984610,"flow_dst_last_pkt_time":1686684959984610,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686684959984610,"pkt":"xmjqc4OdPJTVQTiBCABFAABLbxIAACcRZBadePx7unDKNS7OAasANwBtAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00949{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":526,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686684959984610,"flow_src_last_pkt_time":1686684959984610,"flow_dst_last_pkt_time":1686684959984610,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686684959984610,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"186.112.202.53","src_port":11982,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":533,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":525,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686682695732816,"flow_src_last_pkt_time":1686682695732816,"flow_dst_last_pkt_time":1686682695732816,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686684959984610,"l3_proto":"ip4","src_ip":"165.128.253.116","dst_ip":"165.144.84.62","src_port":53358,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":533,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":533,"packets-processed":532,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27086,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":526,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":526,"total-idle-flows":525,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2542,"global_ts_usec":1686700828543151} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":533,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":533,"packets-processed":532,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27086,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":526,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":526,"total-idle-flows":525,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2542,"global_ts_usec":1686700828543151} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":533,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":527,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686700828543151,"flow_src_last_pkt_time":1686700828543151,"flow_dst_last_pkt_time":1686700828543151,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686700828543151,"l3_proto":"ip4","src_ip":"79.210.95.146","dst_ip":"165.114.202.61","src_port":54728,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":533,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":527,"flow_packet_id":1,"flow_src_last_pkt_time":1686700828543151,"flow_dst_last_pkt_time":1686700828543151,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686700828543151,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRYDBP0l+SpXLKPdXIAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":533,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":527,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686700828543151,"flow_src_last_pkt_time":1686700828543151,"flow_dst_last_pkt_time":1686700828543151,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686700828543151,"l3_proto":"ip4","src_ip":"79.210.95.146","dst_ip":"165.114.202.61","src_port":54728,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":534,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":526,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686684959984610,"flow_src_last_pkt_time":1686684959984610,"flow_dst_last_pkt_time":1686684959984610,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686700828543151,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"186.112.202.53","src_port":11982,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":534,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":534,"packets-processed":533,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27115,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":527,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":527,"total-idle-flows":526,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2547,"global_ts_usec":1686703749016048} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":534,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":534,"packets-processed":533,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27115,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":527,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":527,"total-idle-flows":526,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2547,"global_ts_usec":1686703749016048} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":534,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":528,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686703749016048,"flow_src_last_pkt_time":1686703749016048,"flow_dst_last_pkt_time":1686703749016048,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686703749016048,"l3_proto":"ip4","src_ip":"185.31.153.50","dst_ip":"186.112.202.53","src_port":50851,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":534,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":528,"flow_packet_id":1,"flow_src_last_pkt_time":1686703749016048,"flow_dst_last_pkt_time":1686703749016048,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686703749016048,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPoRbFq5H5kyunDKNcajAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":534,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":528,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686703749016048,"flow_src_last_pkt_time":1686703749016048,"flow_dst_last_pkt_time":1686703749016048,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686703749016048,"l3_proto":"ip4","src_ip":"185.31.153.50","dst_ip":"186.112.202.53","src_port":50851,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":535,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":527,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686700828543151,"flow_src_last_pkt_time":1686700828543151,"flow_dst_last_pkt_time":1686700828543151,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686703749016048,"l3_proto":"ip4","src_ip":"79.210.95.146","dst_ip":"165.114.202.61","src_port":54728,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":535,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":535,"packets-processed":534,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27144,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":528,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":528,"total-idle-flows":527,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2552,"global_ts_usec":1686704612212174} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":535,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":535,"packets-processed":534,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27144,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":528,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":528,"total-idle-flows":527,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2552,"global_ts_usec":1686704612212174} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":535,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":529,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686704612212174,"flow_src_last_pkt_time":1686704612212174,"flow_dst_last_pkt_time":1686704612212174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686704612212174,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"90.141.37.56","src_port":34795,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":535,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":529,"flow_packet_id":1,"flow_src_last_pkt_time":1686704612212174,"flow_dst_last_pkt_time":1686704612212174,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686704612212174,"pkt":"3jHC4dyOPJTVQTiBCABFAABLT2YAACcRg7wid3p+Wo0lOIfrAasAN6dJAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":535,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":529,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686704612212174,"flow_src_last_pkt_time":1686704612212174,"flow_dst_last_pkt_time":1686704612212174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686704612212174,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"90.141.37.56","src_port":34795,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":536,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":528,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686703749016048,"flow_src_last_pkt_time":1686703749016048,"flow_dst_last_pkt_time":1686703749016048,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686704612212174,"l3_proto":"ip4","src_ip":"185.31.153.50","dst_ip":"186.112.202.53","src_port":50851,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":536,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":536,"packets-processed":535,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27191,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":529,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":529,"total-idle-flows":528,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2557,"global_ts_usec":1686705292730193} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":536,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":536,"packets-processed":535,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27191,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":529,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":529,"total-idle-flows":528,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2557,"global_ts_usec":1686705292730193} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":536,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":530,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686705292730193,"flow_src_last_pkt_time":1686705292730193,"flow_dst_last_pkt_time":1686705292730193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686705292730193,"l3_proto":"ip4","src_ip":"253.112.232.91","dst_ip":"69.109.187.54","src_port":40051,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":536,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":530,"flow_packet_id":1,"flow_src_last_pkt_time":1686705292730193,"flow_dst_last_pkt_time":1686705292730193,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686705292730193,"pkt":"bpHurUgdPJTVQTiBCABFAABSlN0AAPMR8Cz9cOhbRW27NpxzAasAPqKqAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":536,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":530,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686705292730193,"flow_src_last_pkt_time":1686705292730193,"flow_dst_last_pkt_time":1686705292730193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686705292730193,"l3_proto":"ip4","src_ip":"253.112.232.91","dst_ip":"69.109.187.54","src_port":40051,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":537,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":529,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686704612212174,"flow_src_last_pkt_time":1686704612212174,"flow_dst_last_pkt_time":1686704612212174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686705292730193,"l3_proto":"ip4","src_ip":"34.119.122.126","dst_ip":"90.141.37.56","src_port":34795,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":537,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":537,"packets-processed":536,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27245,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":530,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":530,"total-idle-flows":529,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2562,"global_ts_usec":1686709262177735} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":537,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":537,"packets-processed":536,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27245,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":530,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":530,"total-idle-flows":529,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2562,"global_ts_usec":1686709262177735} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":537,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":531,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686709262177735,"flow_src_last_pkt_time":1686709262177735,"flow_dst_last_pkt_time":1686709262177735,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686709262177735,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.111.212.50","src_port":47719,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":537,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":531,"flow_packet_id":1,"flow_src_last_pkt_time":1686709262177735,"flow_dst_last_pkt_time":1686709262177735,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686709262177735,"pkt":"AAwp30Y4PJTVQTiBCABFAABLpjwAACcRLOViZ\/1zWm\/UMrpnAasAN3TMAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":537,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":531,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686709262177735,"flow_src_last_pkt_time":1686709262177735,"flow_dst_last_pkt_time":1686709262177735,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686709262177735,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.111.212.50","src_port":47719,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2568,7 +2568,7 @@ 00577{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":538,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":532,"flow_packet_id":1,"flow_src_last_pkt_time":1686709804807056,"flow_dst_last_pkt_time":1686709804807056,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686709804807056,"pkt":"ipffLU2SPJTVQTiBCABFCABL1UgAACER9mnk\/1R3Sm\/LN\/BTAasANzF5AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":538,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":532,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686709804807056,"flow_src_last_pkt_time":1686709804807056,"flow_dst_last_pkt_time":1686709804807056,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686709804807056,"l3_proto":"ip4","src_ip":"228.255.84.119","dst_ip":"74.111.203.55","src_port":61523,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":539,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":531,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686709262177735,"flow_src_last_pkt_time":1686709262177735,"flow_dst_last_pkt_time":1686709262177735,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686709804807056,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"90.111.212.50","src_port":47719,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":539,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":539,"packets-processed":538,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27339,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":532,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":532,"total-idle-flows":531,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2571,"global_ts_usec":1686713625992470} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":539,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":539,"packets-processed":538,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27339,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":532,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":532,"total-idle-flows":531,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2571,"global_ts_usec":1686713625992470} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":539,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":533,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686713625992470,"flow_src_last_pkt_time":1686713625992470,"flow_dst_last_pkt_time":1686713625992470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686713625992470,"l3_proto":"ip4","src_ip":"178.240.255.34","dst_ip":"69.109.187.54","src_port":54964,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":539,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":533,"flow_packet_id":1,"flow_src_last_pkt_time":1686713625992470,"flow_dst_last_pkt_time":1686713625992470,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686713625992470,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPoRXoSy8P8iRW27Nta0AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":539,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":533,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686713625992470,"flow_src_last_pkt_time":1686713625992470,"flow_dst_last_pkt_time":1686713625992470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686713625992470,"l3_proto":"ip4","src_ip":"178.240.255.34","dst_ip":"69.109.187.54","src_port":54964,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2577,12 +2577,12 @@ 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":540,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":534,"flow_packet_id":1,"flow_src_last_pkt_time":1686713856291158,"flow_dst_last_pkt_time":1686713856291158,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686713856291158,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPkRbY1Z7HpkWpG0OsrWAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":540,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":534,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686713856291158,"flow_src_last_pkt_time":1686713856291158,"flow_dst_last_pkt_time":1686713856291158,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686713856291158,"l3_proto":"ip4","src_ip":"89.236.122.100","dst_ip":"90.145.180.58","src_port":51926,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":541,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":533,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686713625992470,"flow_src_last_pkt_time":1686713625992470,"flow_dst_last_pkt_time":1686713625992470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686713856291158,"l3_proto":"ip4","src_ip":"178.240.255.34","dst_ip":"69.109.187.54","src_port":54964,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":541,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":541,"packets-processed":540,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27397,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":534,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":534,"total-idle-flows":533,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2580,"global_ts_usec":1686714599962630} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":541,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":541,"packets-processed":540,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27397,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":534,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":534,"total-idle-flows":533,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2580,"global_ts_usec":1686714599962630} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":541,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":535,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686714599962630,"flow_src_last_pkt_time":1686714599962630,"flow_dst_last_pkt_time":1686714599962630,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686714599962630,"l3_proto":"ip4","src_ip":"154.129.123.124","dst_ip":"69.109.187.54","src_port":35057,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":541,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":535,"flow_packet_id":1,"flow_src_last_pkt_time":1686714599962630,"flow_dst_last_pkt_time":1686714599962630,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686714599962630,"pkt":"bpHurUgdPJTVQTiBCABFAABLYvQAACcRcDOagXt8RW27NojxAasAN6ZIAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":541,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":535,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686714599962630,"flow_src_last_pkt_time":1686714599962630,"flow_dst_last_pkt_time":1686714599962630,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686714599962630,"l3_proto":"ip4","src_ip":"154.129.123.124","dst_ip":"69.109.187.54","src_port":35057,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":542,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":534,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686713856291158,"flow_src_last_pkt_time":1686713856291158,"flow_dst_last_pkt_time":1686713856291158,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686714599962630,"l3_proto":"ip4","src_ip":"89.236.122.100","dst_ip":"90.145.180.58","src_port":51926,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":542,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":542,"packets-processed":541,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27444,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":535,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":535,"total-idle-flows":534,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2585,"global_ts_usec":1686715614560571} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":542,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":542,"packets-processed":541,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27444,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":535,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":535,"total-idle-flows":534,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2585,"global_ts_usec":1686715614560571} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":542,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":536,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686715614560571,"flow_src_last_pkt_time":1686715614560571,"flow_dst_last_pkt_time":1686715614560571,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686715614560571,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.111.212.50","src_port":61013,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":542,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":536,"flow_packet_id":1,"flow_src_last_pkt_time":1686715614560571,"flow_dst_last_pkt_time":1686715614560571,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686715614560571,"pkt":"AAwp30Y4PJTVQTiBCABFCABLxe4AACIRBL8j\/EVxWm\/UMu5VAasANzNyAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":542,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":536,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686715614560571,"flow_src_last_pkt_time":1686715614560571,"flow_dst_last_pkt_time":1686715614560571,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686715614560571,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.111.212.50","src_port":61013,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2591,7 +2591,7 @@ 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":543,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":537,"flow_packet_id":1,"flow_src_last_pkt_time":1686716172395855,"flow_dst_last_pkt_time":1686716172395855,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686716172395855,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRbTxe0sIfVW80OdC4AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":543,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":537,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686716172395855,"flow_src_last_pkt_time":1686716172395855,"flow_dst_last_pkt_time":1686716172395855,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686716172395855,"l3_proto":"ip4","src_ip":"94.210.194.31","dst_ip":"85.111.52.57","src_port":53432,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":544,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":536,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686715614560571,"flow_src_last_pkt_time":1686715614560571,"flow_dst_last_pkt_time":1686715614560571,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686716172395855,"l3_proto":"ip4","src_ip":"35.252.69.113","dst_ip":"90.111.212.50","src_port":61013,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":544,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":544,"packets-processed":543,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27520,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":537,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":537,"total-idle-flows":536,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2594,"global_ts_usec":1686717273049688} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":544,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":544,"packets-processed":543,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27520,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":537,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":537,"total-idle-flows":536,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2594,"global_ts_usec":1686717273049688} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":544,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":538,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686717273049688,"flow_src_last_pkt_time":1686717273049688,"flow_dst_last_pkt_time":1686717273049688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686717273049688,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"90.111.212.50","src_port":16953,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":544,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":538,"flow_packet_id":1,"flow_src_last_pkt_time":1686717273049688,"flow_dst_last_pkt_time":1686717273049688,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686717273049688,"pkt":"AAwp30Y4PJTVQTiBCABFCABLtG0AACQRD\/vnJlLdWm\/UMkI5AasAN9tJAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":544,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":538,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686717273049688,"flow_src_last_pkt_time":1686717273049688,"flow_dst_last_pkt_time":1686717273049688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686717273049688,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"90.111.212.50","src_port":16953,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2600,12 +2600,12 @@ 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":545,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":539,"flow_packet_id":1,"flow_src_last_pkt_time":1686717773171081,"flow_dst_last_pkt_time":1686717773171081,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686717773171081,"pkt":"moT+\/Ph8PJTVQTiBCABFCABLaxoAACQRWUtYH27bVW80OZqoAasAN4LXAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":545,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":539,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686717773171081,"flow_src_last_pkt_time":1686717773171081,"flow_dst_last_pkt_time":1686717773171081,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686717773171081,"l3_proto":"ip4","src_ip":"88.31.110.219","dst_ip":"85.111.52.57","src_port":39592,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":546,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":538,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686717273049688,"flow_src_last_pkt_time":1686717273049688,"flow_dst_last_pkt_time":1686717273049688,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686717773171081,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"90.111.212.50","src_port":16953,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":546,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":546,"packets-processed":545,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27614,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":539,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":539,"total-idle-flows":538,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2603,"global_ts_usec":1686720855584550} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":546,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":546,"packets-processed":545,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27614,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":539,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":539,"total-idle-flows":538,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2603,"global_ts_usec":1686720855584550} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":546,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":540,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686720855584550,"flow_src_last_pkt_time":1686720855584550,"flow_dst_last_pkt_time":1686720855584550,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686720855584550,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"69.109.187.54","src_port":4034,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":546,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":540,"flow_packet_id":1,"flow_src_last_pkt_time":1686720855584550,"flow_dst_last_pkt_time":1686720855584550,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686720855584550,"pkt":"bpHurUgdPJTVQTiBCABFCABLQSYAACQRg0fn33nVRW27Ng\/CAasANw3GAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":546,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":540,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686720855584550,"flow_src_last_pkt_time":1686720855584550,"flow_dst_last_pkt_time":1686720855584550,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686720855584550,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"69.109.187.54","src_port":4034,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":547,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":539,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686717773171081,"flow_src_last_pkt_time":1686717773171081,"flow_dst_last_pkt_time":1686717773171081,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686720855584550,"l3_proto":"ip4","src_ip":"88.31.110.219","dst_ip":"85.111.52.57","src_port":39592,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":547,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":547,"packets-processed":546,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27661,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":540,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":540,"total-idle-flows":539,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2608,"global_ts_usec":1686722365950548} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":547,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":547,"packets-processed":546,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27661,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":540,"total-detection-updates":0,"total-updates":93,"current-active-flows":1,"total-active-flows":540,"total-idle-flows":539,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2608,"global_ts_usec":1686722365950548} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":547,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":541,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722365950548,"flow_src_last_pkt_time":1686722365950548,"flow_dst_last_pkt_time":1686722365950548,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722365950548,"l3_proto":"ip4","src_ip":"64.63.36.139","dst_ip":"165.114.202.61","src_port":49841,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":547,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":541,"flow_packet_id":1,"flow_src_last_pkt_time":1686722365950548,"flow_dst_last_pkt_time":1686722365950548,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686722365950548,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+bGJAADQRNItAPySLpXLKPcKxAasAKgb4AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":547,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":541,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722365950548,"flow_src_last_pkt_time":1686722365950548,"flow_dst_last_pkt_time":1686722365950548,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722365950548,"l3_proto":"ip4","src_ip":"64.63.36.139","dst_ip":"165.114.202.61","src_port":49841,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2623,7 +2623,7 @@ 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":550,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":544,"flow_packet_id":1,"flow_src_last_pkt_time":1686722933062511,"flow_dst_last_pkt_time":1686722933062511,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686722933062511,"pkt":"bpHurUgdPJTVQTiBCABFAAA+udZAADQR5x9APySLRW27NsKxAasAKgcBAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":550,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":544,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722933062511,"flow_src_last_pkt_time":1686722933062511,"flow_dst_last_pkt_time":1686722933062511,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722933062511,"l3_proto":"ip4","src_ip":"64.63.36.139","dst_ip":"69.109.187.54","src_port":49841,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":551,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":543,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722723892485,"flow_src_last_pkt_time":1686722723892485,"flow_dst_last_pkt_time":1686722723892485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722933062511,"l3_proto":"ip4","src_ip":"64.63.52.142","dst_ip":"90.147.171.51","src_port":14637,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":551,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":551,"packets-processed":550,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27797,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":544,"total-detection-updates":0,"total-updates":94,"current-active-flows":1,"total-active-flows":544,"total-idle-flows":543,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2626,"global_ts_usec":1686722979135224} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":551,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":551,"packets-processed":550,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27797,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":544,"total-detection-updates":0,"total-updates":94,"current-active-flows":1,"total-active-flows":544,"total-idle-flows":543,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2626,"global_ts_usec":1686722979135224} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":551,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":545,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722979135224,"flow_src_last_pkt_time":1686722979135224,"flow_dst_last_pkt_time":1686722979135224,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722979135224,"l3_proto":"ip4","src_ip":"191.57.36.135","dst_ip":"165.144.84.62","src_port":30888,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":551,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":545,"flow_packet_id":1,"flow_src_last_pkt_time":1686722979135224,"flow_dst_last_pkt_time":1686722979135224,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686722979135224,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+JuRAADQRegS\/OSSHpZBUPnioAasAKlD8AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":551,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":545,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686722979135224,"flow_src_last_pkt_time":1686722979135224,"flow_dst_last_pkt_time":1686722979135224,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686722979135224,"l3_proto":"ip4","src_ip":"191.57.36.135","dst_ip":"165.144.84.62","src_port":30888,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2643,99 +2643,99 @@ 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":554,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":548,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723578690477,"flow_src_last_pkt_time":1686723578690477,"flow_dst_last_pkt_time":1686723578690477,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723578690477,"l3_proto":"ip4","src_ip":"184.193.58.134","dst_ip":"90.145.180.58","src_port":6016,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":555,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":546,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723156732545,"flow_src_last_pkt_time":1686723156732545,"flow_dst_last_pkt_time":1686723156732545,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723578690477,"l3_proto":"ip4","src_ip":"184.193.58.134","dst_ip":"74.111.203.55","src_port":21356,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":555,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":547,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723218825916,"flow_src_last_pkt_time":1686723218825916,"flow_dst_last_pkt_time":1686723218825916,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723578690477,"l3_proto":"ip4","src_ip":"64.63.52.142","dst_ip":"85.111.52.57","src_port":45266,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Twitter","proto_by_ip_id":120,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":555,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":555,"packets-processed":554,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27933,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":548,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":548,"total-idle-flows":547,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2646,"global_ts_usec":1686723785197536} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":555,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":555,"packets-processed":554,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27933,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":548,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":548,"total-idle-flows":547,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2646,"global_ts_usec":1686723785197536} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":555,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":549,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723785197536,"flow_src_last_pkt_time":1686723785197536,"flow_dst_last_pkt_time":1686723785197536,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723785197536,"l3_proto":"ip4","src_ip":"184.193.58.134","dst_ip":"90.141.37.56","src_port":21356,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":555,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":549,"flow_packet_id":1,"flow_src_last_pkt_time":1686723785197536,"flow_dst_last_pkt_time":1686723785197536,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686723785197536,"pkt":"3jHC4dyOPJTVQTiBCABFAAA++PJAADQRp\/m4wTqGWo0lOFNsAasAKnY8AgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":555,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":549,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723785197536,"flow_src_last_pkt_time":1686723785197536,"flow_dst_last_pkt_time":1686723785197536,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723785197536,"l3_proto":"ip4","src_ip":"184.193.58.134","dst_ip":"90.141.37.56","src_port":21356,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":556,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":548,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723578690477,"flow_src_last_pkt_time":1686723578690477,"flow_dst_last_pkt_time":1686723578690477,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686723785197536,"l3_proto":"ip4","src_ip":"184.193.58.134","dst_ip":"90.145.180.58","src_port":6016,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":556,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":556,"packets-processed":555,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27967,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":549,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":549,"total-idle-flows":548,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2651,"global_ts_usec":1686725098326675} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":556,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":556,"packets-processed":555,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27967,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":549,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":549,"total-idle-flows":548,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2651,"global_ts_usec":1686725098326675} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":556,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":550,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686725098326675,"flow_src_last_pkt_time":1686725098326675,"flow_dst_last_pkt_time":1686725098326675,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686725098326675,"l3_proto":"ip4","src_ip":"51.242.192.58","dst_ip":"165.144.84.62","src_port":51989,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":556,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":550,"flow_packet_id":1,"flow_src_last_pkt_time":1686725098326675,"flow_dst_last_pkt_time":1686725098326675,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686725098326675,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXmQz8sA6pZBUPssVAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":556,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":550,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686725098326675,"flow_src_last_pkt_time":1686725098326675,"flow_dst_last_pkt_time":1686725098326675,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686725098326675,"l3_proto":"ip4","src_ip":"51.242.192.58","dst_ip":"165.144.84.62","src_port":51989,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":557,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":549,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686723785197536,"flow_src_last_pkt_time":1686723785197536,"flow_dst_last_pkt_time":1686723785197536,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686725098326675,"l3_proto":"ip4","src_ip":"184.193.58.134","dst_ip":"90.141.37.56","src_port":21356,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":557,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":557,"packets-processed":556,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27996,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":550,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":550,"total-idle-flows":549,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2656,"global_ts_usec":1686725813807299} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":557,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":557,"packets-processed":556,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":27996,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":550,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":550,"total-idle-flows":549,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2656,"global_ts_usec":1686725813807299} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":557,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":551,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686725813807299,"flow_src_last_pkt_time":1686725813807299,"flow_dst_last_pkt_time":1686725813807299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686725813807299,"l3_proto":"ip4","src_ip":"64.193.196.133","dst_ip":"186.112.202.53","src_port":45764,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":557,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":551,"flow_packet_id":1,"flow_src_last_pkt_time":1686725813807299,"flow_dst_last_pkt_time":1686725813807299,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686725813807299,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+QzNAADQRXblAwcSFunDKNbLEAasAKhbkAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":557,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":551,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686725813807299,"flow_src_last_pkt_time":1686725813807299,"flow_dst_last_pkt_time":1686725813807299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686725813807299,"l3_proto":"ip4","src_ip":"64.193.196.133","dst_ip":"186.112.202.53","src_port":45764,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":558,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":550,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686725098326675,"flow_src_last_pkt_time":1686725098326675,"flow_dst_last_pkt_time":1686725098326675,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686725813807299,"l3_proto":"ip4","src_ip":"51.242.192.58","dst_ip":"165.144.84.62","src_port":51989,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":558,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":558,"packets-processed":557,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28030,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":551,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":551,"total-idle-flows":550,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2661,"global_ts_usec":1686729365919386} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":558,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":558,"packets-processed":557,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28030,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":551,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":551,"total-idle-flows":550,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2661,"global_ts_usec":1686729365919386} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":558,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":552,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686729365919386,"flow_src_last_pkt_time":1686729365919386,"flow_dst_last_pkt_time":1686729365919386,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686729365919386,"l3_proto":"ip4","src_ip":"185.29.253.207","dst_ip":"90.141.37.56","src_port":55308,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":558,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":552,"flow_packet_id":1,"flow_src_last_pkt_time":1686729365919386,"flow_dst_last_pkt_time":1686729365919386,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686729365919386,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPkRbbu5Hf3PWo0lONgMAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":558,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":552,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686729365919386,"flow_src_last_pkt_time":1686729365919386,"flow_dst_last_pkt_time":1686729365919386,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686729365919386,"l3_proto":"ip4","src_ip":"185.29.253.207","dst_ip":"90.141.37.56","src_port":55308,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":559,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":551,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686725813807299,"flow_src_last_pkt_time":1686725813807299,"flow_dst_last_pkt_time":1686725813807299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686729365919386,"l3_proto":"ip4","src_ip":"64.193.196.133","dst_ip":"186.112.202.53","src_port":45764,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":559,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":559,"packets-processed":558,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28059,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":552,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":552,"total-idle-flows":551,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2666,"global_ts_usec":1686732302782823} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":559,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":559,"packets-processed":558,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28059,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":552,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":552,"total-idle-flows":551,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2666,"global_ts_usec":1686732302782823} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":559,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":553,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686732302782823,"flow_src_last_pkt_time":1686732302782823,"flow_dst_last_pkt_time":1686732302782823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686732302782823,"l3_proto":"ip4","src_ip":"49.49.71.169","dst_ip":"90.147.171.51","src_port":56940,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":559,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":553,"flow_packet_id":1,"flow_src_last_pkt_time":1686732302782823,"flow_dst_last_pkt_time":1686732302782823,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686732302782823,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXyExMUepWpOrM95sAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":559,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":553,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686732302782823,"flow_src_last_pkt_time":1686732302782823,"flow_dst_last_pkt_time":1686732302782823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686732302782823,"l3_proto":"ip4","src_ip":"49.49.71.169","dst_ip":"90.147.171.51","src_port":56940,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":560,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":552,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686729365919386,"flow_src_last_pkt_time":1686729365919386,"flow_dst_last_pkt_time":1686729365919386,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686732302782823,"l3_proto":"ip4","src_ip":"185.29.253.207","dst_ip":"90.141.37.56","src_port":55308,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":560,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":560,"packets-processed":559,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28088,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":553,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":553,"total-idle-flows":552,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2671,"global_ts_usec":1686734552484911} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":560,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":560,"packets-processed":559,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28088,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":553,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":553,"total-idle-flows":552,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2671,"global_ts_usec":1686734552484911} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":560,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":554,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686734552484911,"flow_src_last_pkt_time":1686734552484911,"flow_dst_last_pkt_time":1686734552484911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686734552484911,"l3_proto":"ip4","src_ip":"198.23.89.28","dst_ip":"90.111.212.50","src_port":55179,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":560,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":554,"flow_packet_id":1,"flow_src_last_pkt_time":1686734552484911,"flow_dst_last_pkt_time":1686734552484911,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686734552484911,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbUTGF1kcWm\/UMteLAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":560,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":554,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686734552484911,"flow_src_last_pkt_time":1686734552484911,"flow_dst_last_pkt_time":1686734552484911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686734552484911,"l3_proto":"ip4","src_ip":"198.23.89.28","dst_ip":"90.111.212.50","src_port":55179,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":561,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":553,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686732302782823,"flow_src_last_pkt_time":1686732302782823,"flow_dst_last_pkt_time":1686732302782823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686734552484911,"l3_proto":"ip4","src_ip":"49.49.71.169","dst_ip":"90.147.171.51","src_port":56940,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":561,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":561,"packets-processed":560,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28117,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":554,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":554,"total-idle-flows":553,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2676,"global_ts_usec":1686745116214925} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":561,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":561,"packets-processed":560,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28117,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":554,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":554,"total-idle-flows":553,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2676,"global_ts_usec":1686745116214925} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":561,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":555,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686745116214925,"flow_src_last_pkt_time":1686745116214925,"flow_dst_last_pkt_time":1686745116214925,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686745116214925,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"186.112.202.53","src_port":33154,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":561,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":555,"flow_packet_id":1,"flow_src_last_pkt_time":1686745116214925,"flow_dst_last_pkt_time":1686745116214925,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686745116214925,"pkt":"xmjqc4OdPJTVQTiBCABFCABLQo0AACQRgdjnJlLdunDKNYGCAasAN5v9AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":561,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":555,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686745116214925,"flow_src_last_pkt_time":1686745116214925,"flow_dst_last_pkt_time":1686745116214925,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686745116214925,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"186.112.202.53","src_port":33154,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":562,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":554,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686734552484911,"flow_src_last_pkt_time":1686734552484911,"flow_dst_last_pkt_time":1686734552484911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686745116214925,"l3_proto":"ip4","src_ip":"198.23.89.28","dst_ip":"90.111.212.50","src_port":55179,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":562,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":562,"packets-processed":561,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28164,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":555,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":555,"total-idle-flows":554,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2681,"global_ts_usec":1686766680148551} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":562,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":562,"packets-processed":561,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28164,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":555,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":555,"total-idle-flows":554,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2681,"global_ts_usec":1686766680148551} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":562,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":556,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686766680148551,"flow_src_last_pkt_time":1686766680148551,"flow_dst_last_pkt_time":1686766680148551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686766680148551,"l3_proto":"ip4","src_ip":"43.95.195.22","dst_ip":"85.111.52.57","src_port":50287,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":562,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":556,"flow_packet_id":1,"flow_src_last_pkt_time":1686766680148551,"flow_dst_last_pkt_time":1686766680148551,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686766680148551,"pkt":"moT+\/Ph8PJTVQTiBCABFAABSwG8AAC0RJTYrX8MWVW80OcRvAasAPhVJAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":562,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":556,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686766680148551,"flow_src_last_pkt_time":1686766680148551,"flow_dst_last_pkt_time":1686766680148551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686766680148551,"l3_proto":"ip4","src_ip":"43.95.195.22","dst_ip":"85.111.52.57","src_port":50287,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":563,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":556,"flow_packet_id":2,"flow_src_last_pkt_time":1686766680148564,"flow_dst_last_pkt_time":1686766680148551,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686766680148564,"pkt":"moT+\/Ph8PJTVQTiBCABFAABSwG8AAC0RJTYrX8MWVW80OcRvAasAPhVJAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":564,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":555,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686745116214925,"flow_src_last_pkt_time":1686745116214925,"flow_dst_last_pkt_time":1686745116214925,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686766680148564,"l3_proto":"ip4","src_ip":"231.38.82.221","dst_ip":"186.112.202.53","src_port":33154,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":564,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":564,"packets-processed":563,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28272,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":556,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":556,"total-idle-flows":555,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2687,"global_ts_usec":1686776388352182} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":564,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":564,"packets-processed":563,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28272,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":556,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":556,"total-idle-flows":555,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2687,"global_ts_usec":1686776388352182} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":564,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":557,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686776388352182,"flow_src_last_pkt_time":1686776388352182,"flow_dst_last_pkt_time":1686776388352182,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686776388352182,"l3_proto":"ip4","src_ip":"235.98.65.133","dst_ip":"165.114.202.61","src_port":26337,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":564,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":557,"flow_packet_id":1,"flow_src_last_pkt_time":1686776388352182,"flow_dst_last_pkt_time":1686776388352182,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686776388352182,"pkt":"AAwp30Y4PJTVQTiBCABFBABSYuEAADQRGY3rYkGFpXLKPWbhAasAPhCkAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":564,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":557,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686776388352182,"flow_src_last_pkt_time":1686776388352182,"flow_dst_last_pkt_time":1686776388352182,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686776388352182,"l3_proto":"ip4","src_ip":"235.98.65.133","dst_ip":"165.114.202.61","src_port":26337,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":565,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":557,"flow_packet_id":2,"flow_src_last_pkt_time":1686776388352185,"flow_dst_last_pkt_time":1686776388352182,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686776388352185,"pkt":"AAwp30Y4PJTVQTiBCABFBABSYuEAADQRGY3rYkGFpXLKPWbhAasAPhCkAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":566,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":556,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1686766680148551,"flow_src_last_pkt_time":1686766680148564,"flow_dst_last_pkt_time":1686766680148551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":108,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686776388352185,"l3_proto":"ip4","src_ip":"43.95.195.22","dst_ip":"85.111.52.57","src_port":50287,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":566,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":566,"packets-processed":565,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28380,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":557,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":557,"total-idle-flows":556,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2693,"global_ts_usec":1686782629632128} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":566,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":566,"packets-processed":565,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28380,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":557,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":557,"total-idle-flows":556,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2693,"global_ts_usec":1686782629632128} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":566,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":558,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686782629632128,"flow_src_last_pkt_time":1686782629632128,"flow_dst_last_pkt_time":1686782629632128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686782629632128,"l3_proto":"ip4","src_ip":"159.60.180.118","dst_ip":"165.114.202.61","src_port":39471,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":566,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":558,"flow_packet_id":1,"flow_src_last_pkt_time":1686782629632128,"flow_dst_last_pkt_time":1686782629632128,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686782629632128,"pkt":"AAwp30Y4PJTVQTiBCABFCABLh+kAACIRQr6fPLR2pXLKPZovAasAN4eSAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":566,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":558,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686782629632128,"flow_src_last_pkt_time":1686782629632128,"flow_dst_last_pkt_time":1686782629632128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686782629632128,"l3_proto":"ip4","src_ip":"159.60.180.118","dst_ip":"165.114.202.61","src_port":39471,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":567,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":557,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1686776388352182,"flow_src_last_pkt_time":1686776388352185,"flow_dst_last_pkt_time":1686776388352182,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":108,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686782629632128,"l3_proto":"ip4","src_ip":"235.98.65.133","dst_ip":"165.114.202.61","src_port":26337,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":567,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":567,"packets-processed":566,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28427,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":558,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":558,"total-idle-flows":557,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2698,"global_ts_usec":1686783435918307} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":567,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":567,"packets-processed":566,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28427,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":558,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":558,"total-idle-flows":557,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2698,"global_ts_usec":1686783435918307} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":567,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":559,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686783435918307,"flow_src_last_pkt_time":1686783435918307,"flow_dst_last_pkt_time":1686783435918307,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686783435918307,"l3_proto":"ip4","src_ip":"164.192.91.117","dst_ip":"165.144.84.62","src_port":41275,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":567,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":559,"flow_packet_id":1,"flow_src_last_pkt_time":1686783435918307,"flow_dst_last_pkt_time":1686783435918307,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686783435918307,"pkt":"AAwp30Y4PJTVQTiBCABFCABL9voAACIR06ykwFt1pZBUPqE7AasAN4CGAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":567,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":559,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686783435918307,"flow_src_last_pkt_time":1686783435918307,"flow_dst_last_pkt_time":1686783435918307,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686783435918307,"l3_proto":"ip4","src_ip":"164.192.91.117","dst_ip":"165.144.84.62","src_port":41275,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":568,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":558,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686782629632128,"flow_src_last_pkt_time":1686782629632128,"flow_dst_last_pkt_time":1686782629632128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686783435918307,"l3_proto":"ip4","src_ip":"159.60.180.118","dst_ip":"165.114.202.61","src_port":39471,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":568,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":568,"packets-processed":567,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28474,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":559,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":559,"total-idle-flows":558,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2703,"global_ts_usec":1686785007737222} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":568,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":568,"packets-processed":567,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28474,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":559,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":559,"total-idle-flows":558,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2703,"global_ts_usec":1686785007737222} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":568,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":560,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686785007737222,"flow_src_last_pkt_time":1686785007737222,"flow_dst_last_pkt_time":1686785007737222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686785007737222,"l3_proto":"ip4","src_ip":"155.160.165.208","dst_ip":"69.109.187.54","src_port":51124,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":568,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":560,"flow_packet_id":1,"flow_src_last_pkt_time":1686785007737222,"flow_dst_last_pkt_time":1686785007737222,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686785007737222,"pkt":"bpHurUgdPJTVQTiBCABFCABLA0AAACQRwTOboKXQRW27Nse0AasAN1XZAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":568,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":560,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686785007737222,"flow_src_last_pkt_time":1686785007737222,"flow_dst_last_pkt_time":1686785007737222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686785007737222,"l3_proto":"ip4","src_ip":"155.160.165.208","dst_ip":"69.109.187.54","src_port":51124,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":559,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686783435918307,"flow_src_last_pkt_time":1686783435918307,"flow_dst_last_pkt_time":1686783435918307,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686785007737222,"l3_proto":"ip4","src_ip":"164.192.91.117","dst_ip":"165.144.84.62","src_port":41275,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":569,"packets-processed":568,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28521,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":560,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":560,"total-idle-flows":559,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2708,"global_ts_usec":1686790507373750} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":569,"packets-processed":568,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28521,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":560,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":560,"total-idle-flows":559,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2708,"global_ts_usec":1686790507373750} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":561,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686790507373750,"flow_src_last_pkt_time":1686790507373750,"flow_dst_last_pkt_time":1686790507373750,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686790507373750,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"186.112.202.53","src_port":65092,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":561,"flow_packet_id":1,"flow_src_last_pkt_time":1686790507373750,"flow_dst_last_pkt_time":1686790507373750,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686790507373750,"pkt":"xmjqc4OdPJTVQTiBCABFCABLxbwAACIRBPAjAGRzunDKNf5EAasANyOCAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":561,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686790507373750,"flow_src_last_pkt_time":1686790507373750,"flow_dst_last_pkt_time":1686790507373750,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686790507373750,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"186.112.202.53","src_port":65092,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":570,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":560,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686785007737222,"flow_src_last_pkt_time":1686785007737222,"flow_dst_last_pkt_time":1686785007737222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686790507373750,"l3_proto":"ip4","src_ip":"155.160.165.208","dst_ip":"69.109.187.54","src_port":51124,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":570,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":570,"packets-processed":569,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28568,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":561,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":561,"total-idle-flows":560,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2713,"global_ts_usec":1686794003013015} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":570,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":570,"packets-processed":569,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28568,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":561,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":561,"total-idle-flows":560,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2713,"global_ts_usec":1686794003013015} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":570,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":562,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686794003013015,"flow_src_last_pkt_time":1686794003013015,"flow_dst_last_pkt_time":1686794003013015,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686794003013015,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"90.147.171.51","src_port":15170,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":570,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":562,"flow_packet_id":1,"flow_src_last_pkt_time":1686794003013015,"flow_dst_last_pkt_time":1686794003013015,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686794003013015,"pkt":"AAwp30Y4PJTVQTiBCABFCABLrMYAACQRF6rn33nVWpOrMztCAasAN+JIAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":570,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":562,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686794003013015,"flow_src_last_pkt_time":1686794003013015,"flow_dst_last_pkt_time":1686794003013015,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686794003013015,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"90.147.171.51","src_port":15170,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":571,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":561,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686790507373750,"flow_src_last_pkt_time":1686790507373750,"flow_dst_last_pkt_time":1686790507373750,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686794003013015,"l3_proto":"ip4","src_ip":"35.0.100.115","dst_ip":"186.112.202.53","src_port":65092,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":571,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":571,"packets-processed":570,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28615,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":562,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":562,"total-idle-flows":561,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2718,"global_ts_usec":1686799154433661} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":571,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":571,"packets-processed":570,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28615,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":562,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":562,"total-idle-flows":561,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2718,"global_ts_usec":1686799154433661} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":571,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":563,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686799154433661,"flow_src_last_pkt_time":1686799154433661,"flow_dst_last_pkt_time":1686799154433661,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686799154433661,"l3_proto":"ip4","src_ip":"65.218.6.160","dst_ip":"165.114.202.61","src_port":55146,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":571,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":563,"flow_packet_id":1,"flow_src_last_pkt_time":1686799154433661,"flow_dst_last_pkt_time":1686799154433661,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686799154433661,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbQVB2gagpXLKPddqAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":571,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":563,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686799154433661,"flow_src_last_pkt_time":1686799154433661,"flow_dst_last_pkt_time":1686799154433661,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686799154433661,"l3_proto":"ip4","src_ip":"65.218.6.160","dst_ip":"165.114.202.61","src_port":55146,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":572,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":562,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686794003013015,"flow_src_last_pkt_time":1686794003013015,"flow_dst_last_pkt_time":1686794003013015,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686799154433661,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"90.147.171.51","src_port":15170,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":572,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":572,"packets-processed":571,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28644,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":563,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":563,"total-idle-flows":562,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2723,"global_ts_usec":1686801707865988} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":572,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":572,"packets-processed":571,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28644,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":563,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":563,"total-idle-flows":562,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2723,"global_ts_usec":1686801707865988} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":572,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":564,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686801707865988,"flow_src_last_pkt_time":1686801707865988,"flow_dst_last_pkt_time":1686801707865988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686801707865988,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"85.111.52.57","src_port":64449,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":572,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":564,"flow_packet_id":1,"flow_src_last_pkt_time":1686801707865988,"flow_dst_last_pkt_time":1686801707865988,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686801707865988,"pkt":"moT+\/Ph8PJTVQTiBCABFAABLmP8AACcROhldZnxwVW80OfvBAasANzNpAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":572,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":564,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686801707865988,"flow_src_last_pkt_time":1686801707865988,"flow_dst_last_pkt_time":1686801707865988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686801707865988,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"85.111.52.57","src_port":64449,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":573,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":563,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686799154433661,"flow_src_last_pkt_time":1686799154433661,"flow_dst_last_pkt_time":1686799154433661,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686801707865988,"l3_proto":"ip4","src_ip":"65.218.6.160","dst_ip":"165.114.202.61","src_port":55146,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":573,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":573,"packets-processed":572,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28691,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":564,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":564,"total-idle-flows":563,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2728,"global_ts_usec":1686809757231212} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":573,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":573,"packets-processed":572,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28691,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":564,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":564,"total-idle-flows":563,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2728,"global_ts_usec":1686809757231212} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":573,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":565,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686809757231212,"flow_src_last_pkt_time":1686809757231212,"flow_dst_last_pkt_time":1686809757231212,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686809757231212,"l3_proto":"ip4","src_ip":"32.248.84.127","dst_ip":"90.141.37.56","src_port":45264,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":573,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":565,"flow_packet_id":1,"flow_src_last_pkt_time":1686809757231212,"flow_dst_last_pkt_time":1686809757231212,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686809757231212,"pkt":"3jHC4dyOPJTVQTiBCABFCABLKJcAACIRohgg+FR\/Wo0lOLDQAasAN3D5AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":573,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":565,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686809757231212,"flow_src_last_pkt_time":1686809757231212,"flow_dst_last_pkt_time":1686809757231212,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686809757231212,"l3_proto":"ip4","src_ip":"32.248.84.127","dst_ip":"90.141.37.56","src_port":45264,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":574,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":564,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686801707865988,"flow_src_last_pkt_time":1686801707865988,"flow_dst_last_pkt_time":1686801707865988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686809757231212,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"85.111.52.57","src_port":64449,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":574,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":574,"packets-processed":573,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28738,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":565,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":565,"total-idle-flows":564,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2733,"global_ts_usec":1686815428144220} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":574,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":574,"packets-processed":573,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28738,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":565,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":565,"total-idle-flows":564,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2733,"global_ts_usec":1686815428144220} 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":574,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":566,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686815428144220,"flow_src_last_pkt_time":1686815428144220,"flow_dst_last_pkt_time":1686815428144220,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686815428144220,"l3_proto":"ip4","src_ip":"69.24.27.60","dst_ip":"90.111.212.50","src_port":56117,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":574,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":566,"flow_packet_id":1,"flow_src_last_pkt_time":1686815428144220,"flow_dst_last_pkt_time":1686815428144220,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686815428144220,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbFFFGBs8Wm\/UMts1AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":574,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":566,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686815428144220,"flow_src_last_pkt_time":1686815428144220,"flow_dst_last_pkt_time":1686815428144220,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686815428144220,"l3_proto":"ip4","src_ip":"69.24.27.60","dst_ip":"90.111.212.50","src_port":56117,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":575,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":565,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686809757231212,"flow_src_last_pkt_time":1686809757231212,"flow_dst_last_pkt_time":1686809757231212,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686815428144220,"l3_proto":"ip4","src_ip":"32.248.84.127","dst_ip":"90.141.37.56","src_port":45264,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":575,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":575,"packets-processed":574,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28767,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":566,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":566,"total-idle-flows":565,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2738,"global_ts_usec":1686819439098098} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":575,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":575,"packets-processed":574,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28767,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":566,"total-detection-updates":0,"total-updates":97,"current-active-flows":1,"total-active-flows":566,"total-idle-flows":565,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2738,"global_ts_usec":1686819439098098} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":575,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":567,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686819439098098,"flow_src_last_pkt_time":1686819439098098,"flow_dst_last_pkt_time":1686819439098098,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686819439098098,"l3_proto":"ip4","src_ip":"64.62.219.130","dst_ip":"85.111.52.57","src_port":17454,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":575,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":567,"flow_packet_id":1,"flow_src_last_pkt_time":1686819439098098,"flow_dst_last_pkt_time":1686819439098098,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686819439098098,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA+YmVAADQRPoBAPtuCVW80OUQuAasAKoVzAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":575,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":567,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686819439098098,"flow_src_last_pkt_time":1686819439098098,"flow_dst_last_pkt_time":1686819439098098,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686819439098098,"l3_proto":"ip4","src_ip":"64.62.219.130","dst_ip":"85.111.52.57","src_port":17454,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2751,7 +2751,7 @@ 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":578,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":570,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686819690034608,"flow_src_last_pkt_time":1686819690034608,"flow_dst_last_pkt_time":1686819690034608,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686819690034608,"l3_proto":"ip4","src_ip":"9.160.170.26","dst_ip":"69.109.187.54","src_port":53573,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":578,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":570,"flow_packet_id":1,"flow_src_last_pkt_time":1686819690034608,"flow_dst_last_pkt_time":1686819690034608,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686819690034608,"pkt":"bpHurUgdPJTVQTiBCABFCABS21FAAC4Ros0JoKoaRW27NtFFAasAPuH0AgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":578,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":570,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686819690034608,"flow_src_last_pkt_time":1686819690034608,"flow_dst_last_pkt_time":1686819690034608,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686819690034608,"l3_proto":"ip4","src_ip":"9.160.170.26","dst_ip":"69.109.187.54","src_port":53573,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":579,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":579,"packets-processed":578,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28923,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":570,"total-detection-updates":0,"total-updates":97,"current-active-flows":2,"total-active-flows":570,"total-idle-flows":568,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2754,"global_ts_usec":1686820137258813} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":579,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":579,"packets-processed":578,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":28923,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":570,"total-detection-updates":0,"total-updates":97,"current-active-flows":2,"total-active-flows":570,"total-idle-flows":568,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2754,"global_ts_usec":1686820137258813} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":579,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":571,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820137258813,"flow_src_last_pkt_time":1686820137258813,"flow_dst_last_pkt_time":1686820137258813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820137258813,"l3_proto":"ip4","src_ip":"64.193.196.133","dst_ip":"90.145.180.58","src_port":51380,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":579,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":571,"flow_packet_id":1,"flow_src_last_pkt_time":1686820137258813,"flow_dst_last_pkt_time":1686820137258813,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686820137258813,"pkt":"bs1PogZtPJTVQTiBCABFAAA+CBNAADQRmNRAwcSFWpG0Osi0AasAKgDvAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":579,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":571,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820137258813,"flow_src_last_pkt_time":1686820137258813,"flow_dst_last_pkt_time":1686820137258813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820137258813,"l3_proto":"ip4","src_ip":"64.193.196.133","dst_ip":"90.145.180.58","src_port":51380,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2765,7 +2765,7 @@ 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":581,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":573,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820293978966,"flow_src_last_pkt_time":1686820293978966,"flow_dst_last_pkt_time":1686820293978966,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820293978966,"l3_proto":"ip4","src_ip":"160.71.213.140","dst_ip":"186.112.202.53","src_port":41896,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":582,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":572,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820163339870,"flow_src_last_pkt_time":1686820163339870,"flow_dst_last_pkt_time":1686820163339870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820293978966,"l3_proto":"ip4","src_ip":"80.51.127.74","dst_ip":"90.141.37.56","src_port":51252,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00988{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":582,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":571,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820137258813,"flow_src_last_pkt_time":1686820137258813,"flow_dst_last_pkt_time":1686820137258813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820293978966,"l3_proto":"ip4","src_ip":"64.193.196.133","dst_ip":"90.145.180.58","src_port":51380,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":582,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":582,"packets-processed":581,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29020,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":573,"total-detection-updates":0,"total-updates":99,"current-active-flows":3,"total-active-flows":573,"total-idle-flows":570,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2768,"global_ts_usec":1686820910359963} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":582,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":582,"packets-processed":581,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29020,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":573,"total-detection-updates":0,"total-updates":99,"current-active-flows":3,"total-active-flows":573,"total-idle-flows":570,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2768,"global_ts_usec":1686820910359963} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":582,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":574,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820910359963,"flow_src_last_pkt_time":1686820910359963,"flow_dst_last_pkt_time":1686820910359963,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820910359963,"l3_proto":"ip4","src_ip":"191.57.36.135","dst_ip":"165.144.84.62","src_port":38472,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":582,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":574,"flow_packet_id":1,"flow_src_last_pkt_time":1686820910359963,"flow_dst_last_pkt_time":1686820910359963,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686820910359963,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+iNFAADQRGBe\/OSSHpZBUPpZIAasAKjNcAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":582,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":574,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820910359963,"flow_src_last_pkt_time":1686820910359963,"flow_dst_last_pkt_time":1686820910359963,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686820910359963,"l3_proto":"ip4","src_ip":"191.57.36.135","dst_ip":"165.144.84.62","src_port":38472,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2776,22 +2776,22 @@ 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":583,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":575,"flow_packet_id":1,"flow_src_last_pkt_time":1686821183061310,"flow_dst_last_pkt_time":1686821183061310,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686821183061310,"pkt":"3jHC4dyOPJTVQTiBCABFAAA+lolAADQRCl9BwcuBWo0lOPn2AasAKs+tAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":583,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":575,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686821183061310,"flow_src_last_pkt_time":1686821183061310,"flow_dst_last_pkt_time":1686821183061310,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686821183061310,"l3_proto":"ip4","src_ip":"65.193.203.129","dst_ip":"90.141.37.56","src_port":63990,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":584,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":574,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686820910359963,"flow_src_last_pkt_time":1686820910359963,"flow_dst_last_pkt_time":1686820910359963,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686821183061310,"l3_proto":"ip4","src_ip":"191.57.36.135","dst_ip":"165.144.84.62","src_port":38472,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":584,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":584,"packets-processed":583,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29088,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":575,"total-detection-updates":0,"total-updates":99,"current-active-flows":1,"total-active-flows":575,"total-idle-flows":574,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2779,"global_ts_usec":1686821576328540} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":584,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":584,"packets-processed":583,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29088,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":575,"total-detection-updates":0,"total-updates":99,"current-active-flows":1,"total-active-flows":575,"total-idle-flows":574,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2779,"global_ts_usec":1686821576328540} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":584,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":576,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686821576328540,"flow_src_last_pkt_time":1686821576328540,"flow_dst_last_pkt_time":1686821576328540,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686821576328540,"l3_proto":"ip4","src_ip":"71.191.53.138","dst_ip":"165.114.202.61","src_port":59582,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":584,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":576,"flow_packet_id":1,"flow_src_last_pkt_time":1686821576328540,"flow_dst_last_pkt_time":1686821576328540,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686821576328540,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+edNAADQRJxlHvzWKpXLKPei+AasAKuDpAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":584,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":576,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686821576328540,"flow_src_last_pkt_time":1686821576328540,"flow_dst_last_pkt_time":1686821576328540,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686821576328540,"l3_proto":"ip4","src_ip":"71.191.53.138","dst_ip":"165.114.202.61","src_port":59582,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":575,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686821183061310,"flow_src_last_pkt_time":1686821183061310,"flow_dst_last_pkt_time":1686821183061310,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686821576328540,"l3_proto":"ip4","src_ip":"65.193.203.129","dst_ip":"90.141.37.56","src_port":63990,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":585,"packets-processed":584,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29122,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":576,"total-detection-updates":0,"total-updates":99,"current-active-flows":1,"total-active-flows":576,"total-idle-flows":575,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2784,"global_ts_usec":1686822857775383} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":585,"packets-processed":584,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29122,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":576,"total-detection-updates":0,"total-updates":99,"current-active-flows":1,"total-active-flows":576,"total-idle-flows":575,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2784,"global_ts_usec":1686822857775383} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":577,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686822857775383,"flow_src_last_pkt_time":1686822857775383,"flow_dst_last_pkt_time":1686822857775383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686822857775383,"l3_proto":"ip4","src_ip":"160.71.213.140","dst_ip":"74.111.203.55","src_port":32482,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":577,"flow_packet_id":1,"flow_src_last_pkt_time":1686822857775383,"flow_dst_last_pkt_time":1686822857775383,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686822857775383,"pkt":"ipffLU2SPJTVQTiBCABFAAA+b3NAADQRMYKgR9WMSm\/LN37iAasAKkrPAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":577,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686822857775383,"flow_src_last_pkt_time":1686822857775383,"flow_dst_last_pkt_time":1686822857775383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686822857775383,"l3_proto":"ip4","src_ip":"160.71.213.140","dst_ip":"74.111.203.55","src_port":32482,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":586,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":576,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686821576328540,"flow_src_last_pkt_time":1686821576328540,"flow_dst_last_pkt_time":1686821576328540,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686822857775383,"l3_proto":"ip4","src_ip":"71.191.53.138","dst_ip":"165.114.202.61","src_port":59582,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":586,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":586,"packets-processed":585,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29156,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":577,"total-detection-updates":0,"total-updates":99,"current-active-flows":1,"total-active-flows":577,"total-idle-flows":576,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2789,"global_ts_usec":1686823539150971} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":586,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":586,"packets-processed":585,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29156,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":577,"total-detection-updates":0,"total-updates":99,"current-active-flows":1,"total-active-flows":577,"total-idle-flows":576,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2789,"global_ts_usec":1686823539150971} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":586,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":578,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686823539150971,"flow_src_last_pkt_time":1686823539150971,"flow_dst_last_pkt_time":1686823539150971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686823539150971,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"74.111.203.55","src_port":41415,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":586,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":578,"flow_packet_id":1,"flow_src_last_pkt_time":1686823539150971,"flow_dst_last_pkt_time":1686823539150971,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686823539150971,"pkt":"ipffLU2SPJTVQTiBCABFAABLhjwAACcRTORiZ\/1zSm\/LN6HHAasAN41rAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":586,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":578,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686823539150971,"flow_src_last_pkt_time":1686823539150971,"flow_dst_last_pkt_time":1686823539150971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686823539150971,"l3_proto":"ip4","src_ip":"98.103.253.115","dst_ip":"74.111.203.55","src_port":41415,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":587,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":577,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686822857775383,"flow_src_last_pkt_time":1686822857775383,"flow_dst_last_pkt_time":1686822857775383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686823539150971,"l3_proto":"ip4","src_ip":"160.71.213.140","dst_ip":"74.111.203.55","src_port":32482,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":587,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":587,"packets-processed":586,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29203,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":578,"total-detection-updates":0,"total-updates":99,"current-active-flows":1,"total-active-flows":578,"total-idle-flows":577,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2794,"global_ts_usec":1686825966772504} +00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":587,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":587,"packets-processed":586,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29203,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":578,"total-detection-updates":0,"total-updates":99,"current-active-flows":1,"total-active-flows":578,"total-idle-flows":577,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2794,"global_ts_usec":1686825966772504} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":587,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":579,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686825966772504,"flow_src_last_pkt_time":1686825966772504,"flow_dst_last_pkt_time":1686825966772504,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686825966772504,"l3_proto":"ip4","src_ip":"33.216.90.56","dst_ip":"165.144.84.62","src_port":56415,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":587,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":579,"flow_packet_id":1,"flow_src_last_pkt_time":1686825966772504,"flow_dst_last_pkt_time":1686825966772504,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686825966772504,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbU4h2Fo4pZBUPtxfAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":587,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":579,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686825966772504,"flow_src_last_pkt_time":1686825966772504,"flow_dst_last_pkt_time":1686825966772504,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686825966772504,"l3_proto":"ip4","src_ip":"33.216.90.56","dst_ip":"165.144.84.62","src_port":56415,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2804,18 +2804,18 @@ 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":589,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":581,"flow_packet_id":1,"flow_src_last_pkt_time":1686826372484485,"flow_dst_last_pkt_time":1686826372484485,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686826372484485,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPkRYDnSDNiXWpG0OtnBAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":589,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":581,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686826372484485,"flow_src_last_pkt_time":1686826372484485,"flow_dst_last_pkt_time":1686826372484485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686826372484485,"l3_proto":"ip4","src_ip":"210.12.216.151","dst_ip":"90.145.180.58","src_port":55745,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00989{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":590,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":580,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686826280078870,"flow_src_last_pkt_time":1686826280078870,"flow_dst_last_pkt_time":1686826280078870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686826372484485,"l3_proto":"ip4","src_ip":"154.129.123.124","dst_ip":"186.112.202.53","src_port":6873,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":590,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":590,"packets-processed":589,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29308,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":581,"total-detection-updates":0,"total-updates":100,"current-active-flows":2,"total-active-flows":581,"total-idle-flows":579,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2807,"global_ts_usec":1686827895727367} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":590,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":590,"packets-processed":589,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29308,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":581,"total-detection-updates":0,"total-updates":100,"current-active-flows":2,"total-active-flows":581,"total-idle-flows":579,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2807,"global_ts_usec":1686827895727367} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":590,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":582,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686827895727367,"flow_src_last_pkt_time":1686827895727367,"flow_dst_last_pkt_time":1686827895727367,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686827895727367,"l3_proto":"ip4","src_ip":"65.20.223.151","dst_ip":"90.147.171.51","src_port":51977,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":590,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":582,"flow_packet_id":1,"flow_src_last_pkt_time":1686827895727367,"flow_dst_last_pkt_time":1686827895727367,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686827895727367,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbilBFN+XWpOrM8sJAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":590,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":582,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686827895727367,"flow_src_last_pkt_time":1686827895727367,"flow_dst_last_pkt_time":1686827895727367,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686827895727367,"l3_proto":"ip4","src_ip":"65.20.223.151","dst_ip":"90.147.171.51","src_port":51977,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":591,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":580,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686826280078870,"flow_src_last_pkt_time":1686826280078870,"flow_dst_last_pkt_time":1686826280078870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686827895727367,"l3_proto":"ip4","src_ip":"154.129.123.124","dst_ip":"186.112.202.53","src_port":6873,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":591,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":581,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686826372484485,"flow_src_last_pkt_time":1686826372484485,"flow_dst_last_pkt_time":1686826372484485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686827895727367,"l3_proto":"ip4","src_ip":"210.12.216.151","dst_ip":"90.145.180.58","src_port":55745,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":591,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":591,"packets-processed":590,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29337,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":582,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":582,"total-idle-flows":581,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2813,"global_ts_usec":1686831590603565} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":591,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":591,"packets-processed":590,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29337,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":582,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":582,"total-idle-flows":581,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2813,"global_ts_usec":1686831590603565} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":591,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":583,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686831590603565,"flow_src_last_pkt_time":1686831590603565,"flow_dst_last_pkt_time":1686831590603565,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686831590603565,"l3_proto":"ip4","src_ip":"88.31.110.219","dst_ip":"165.114.202.61","src_port":54342,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":591,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":583,"flow_packet_id":1,"flow_src_last_pkt_time":1686831590603565,"flow_dst_last_pkt_time":1686831590603565,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686831590603565,"pkt":"AAwp30Y4PJTVQTiBCABFCABL3soAACQR5ZVYH27bpXLKPdRGAasAN0k0AgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":591,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":583,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686831590603565,"flow_src_last_pkt_time":1686831590603565,"flow_dst_last_pkt_time":1686831590603565,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686831590603565,"l3_proto":"ip4","src_ip":"88.31.110.219","dst_ip":"165.114.202.61","src_port":54342,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":592,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":582,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686827895727367,"flow_src_last_pkt_time":1686827895727367,"flow_dst_last_pkt_time":1686827895727367,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686831590603565,"l3_proto":"ip4","src_ip":"65.20.223.151","dst_ip":"90.147.171.51","src_port":51977,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":592,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":592,"packets-processed":591,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29384,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":583,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":583,"total-idle-flows":582,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2818,"global_ts_usec":1686834792524626} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":592,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":592,"packets-processed":591,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29384,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":583,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":583,"total-idle-flows":582,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2818,"global_ts_usec":1686834792524626} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":592,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":584,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686834792524626,"flow_src_last_pkt_time":1686834792524626,"flow_dst_last_pkt_time":1686834792524626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686834792524626,"l3_proto":"ip4","src_ip":"206.206.184.241","dst_ip":"69.109.187.54","src_port":50350,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":592,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":584,"flow_packet_id":1,"flow_src_last_pkt_time":1686834792524626,"flow_dst_last_pkt_time":1686834792524626,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686834792524626,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPkRX\/bOzrjxRW27NsSuAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":592,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":584,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686834792524626,"flow_src_last_pkt_time":1686834792524626,"flow_dst_last_pkt_time":1686834792524626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686834792524626,"l3_proto":"ip4","src_ip":"206.206.184.241","dst_ip":"69.109.187.54","src_port":50350,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2823,33 +2823,33 @@ 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":593,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":585,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686834822514899,"flow_src_last_pkt_time":1686834822514899,"flow_dst_last_pkt_time":1686834822514899,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686834822514899,"l3_proto":"ip4","src_ip":"190.35.225.89","dst_ip":"85.111.52.57","src_port":52867,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":593,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":585,"flow_packet_id":1,"flow_src_last_pkt_time":1686834822514899,"flow_dst_last_pkt_time":1686834822514899,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686834822514899,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPkRbYW+I+FZVW80Oc6DAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":593,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":585,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686834822514899,"flow_src_last_pkt_time":1686834822514899,"flow_dst_last_pkt_time":1686834822514899,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686834822514899,"l3_proto":"ip4","src_ip":"190.35.225.89","dst_ip":"85.111.52.57","src_port":52867,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":594,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":594,"packets-processed":593,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29442,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":585,"total-detection-updates":0,"total-updates":100,"current-active-flows":2,"total-active-flows":585,"total-idle-flows":583,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2826,"global_ts_usec":1686835718979040} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":594,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":594,"packets-processed":593,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29442,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":585,"total-detection-updates":0,"total-updates":100,"current-active-flows":2,"total-active-flows":585,"total-idle-flows":583,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2826,"global_ts_usec":1686835718979040} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":594,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":586,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686835718979040,"flow_src_last_pkt_time":1686835718979040,"flow_dst_last_pkt_time":1686835718979040,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686835718979040,"l3_proto":"ip4","src_ip":"227.7.178.223","dst_ip":"165.144.84.62","src_port":63301,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":594,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":586,"flow_packet_id":1,"flow_src_last_pkt_time":1686835718979040,"flow_dst_last_pkt_time":1686835718979040,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686835718979040,"pkt":"AAwp30Y4PJTVQTiBCABFCABL0T8AACQR8xzjB7LfpZBUPvdFAasANyYxAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":594,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":586,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686835718979040,"flow_src_last_pkt_time":1686835718979040,"flow_dst_last_pkt_time":1686835718979040,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686835718979040,"l3_proto":"ip4","src_ip":"227.7.178.223","dst_ip":"165.144.84.62","src_port":63301,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":584,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686834792524626,"flow_src_last_pkt_time":1686834792524626,"flow_dst_last_pkt_time":1686834792524626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686835718979040,"l3_proto":"ip4","src_ip":"206.206.184.241","dst_ip":"69.109.187.54","src_port":50350,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":585,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686834822514899,"flow_src_last_pkt_time":1686834822514899,"flow_dst_last_pkt_time":1686834822514899,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686835718979040,"l3_proto":"ip4","src_ip":"190.35.225.89","dst_ip":"85.111.52.57","src_port":52867,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":595,"packets-processed":594,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29489,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":586,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":586,"total-idle-flows":585,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2832,"global_ts_usec":1686837738680875} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":595,"packets-processed":594,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29489,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":586,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":586,"total-idle-flows":585,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2832,"global_ts_usec":1686837738680875} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":587,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686837738680875,"flow_src_last_pkt_time":1686837738680875,"flow_dst_last_pkt_time":1686837738680875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686837738680875,"l3_proto":"ip4","src_ip":"34.214.128.211","dst_ip":"74.111.203.55","src_port":50699,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":587,"flow_packet_id":1,"flow_src_last_pkt_time":1686837738680875,"flow_dst_last_pkt_time":1686837738680875,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686837738680875,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPkRbc0i1oDTSm\/LN8YLAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00951{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":587,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686837738680875,"flow_src_last_pkt_time":1686837738680875,"flow_dst_last_pkt_time":1686837738680875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686837738680875,"l3_proto":"ip4","src_ip":"34.214.128.211","dst_ip":"74.111.203.55","src_port":50699,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":596,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":586,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686835718979040,"flow_src_last_pkt_time":1686835718979040,"flow_dst_last_pkt_time":1686835718979040,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686837738680875,"l3_proto":"ip4","src_ip":"227.7.178.223","dst_ip":"165.144.84.62","src_port":63301,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":596,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":596,"packets-processed":595,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29518,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":587,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":587,"total-idle-flows":586,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2837,"global_ts_usec":1686840095634071} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":596,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":596,"packets-processed":595,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29518,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":587,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":587,"total-idle-flows":586,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2837,"global_ts_usec":1686840095634071} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":596,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":588,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686840095634071,"flow_src_last_pkt_time":1686840095634071,"flow_dst_last_pkt_time":1686840095634071,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686840095634071,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"85.111.52.57","src_port":44047,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00583{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":596,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":588,"flow_packet_id":1,"flow_src_last_pkt_time":1686840095634071,"flow_dst_last_pkt_time":1686840095634071,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686840095634071,"pkt":"moT+\/Ph8PJTVQTiBCABFCABSMJwAAGsR5fhDnxCWVW80OawPAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":596,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":588,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686840095634071,"flow_src_last_pkt_time":1686840095634071,"flow_dst_last_pkt_time":1686840095634071,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686840095634071,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"85.111.52.57","src_port":44047,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00990{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":597,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":587,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686837738680875,"flow_src_last_pkt_time":1686837738680875,"flow_dst_last_pkt_time":1686837738680875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686840095634071,"l3_proto":"ip4","src_ip":"34.214.128.211","dst_ip":"74.111.203.55","src_port":50699,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":597,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":597,"packets-processed":596,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29572,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":588,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":588,"total-idle-flows":587,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2842,"global_ts_usec":1686840886120988} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":597,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":597,"packets-processed":596,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29572,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":588,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":588,"total-idle-flows":587,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2842,"global_ts_usec":1686840886120988} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":597,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":589,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686840886120988,"flow_src_last_pkt_time":1686840886120988,"flow_dst_last_pkt_time":1686840886120988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686840886120988,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"74.111.203.55","src_port":38016,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":597,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":589,"flow_packet_id":1,"flow_src_last_pkt_time":1686840886120988,"flow_dst_last_pkt_time":1686840886120988,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686840886120988,"pkt":"ipffLU2SPJTVQTiBCABFCABL2jYAACQR6jfn33nVSm\/LN5SAAasAN4kIAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":597,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":589,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686840886120988,"flow_src_last_pkt_time":1686840886120988,"flow_dst_last_pkt_time":1686840886120988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686840886120988,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"74.111.203.55","src_port":38016,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":598,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":588,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686840095634071,"flow_src_last_pkt_time":1686840095634071,"flow_dst_last_pkt_time":1686840095634071,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686840886120988,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"85.111.52.57","src_port":44047,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":598,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":598,"packets-processed":597,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29619,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":589,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":589,"total-idle-flows":588,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2847,"global_ts_usec":1686854380719448} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":598,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":598,"packets-processed":597,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29619,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":589,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":589,"total-idle-flows":588,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2847,"global_ts_usec":1686854380719448} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":598,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":590,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686854380719448,"flow_src_last_pkt_time":1686854380719448,"flow_dst_last_pkt_time":1686854380719448,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686854380719448,"l3_proto":"ip4","src_ip":"218.225.124.29","dst_ip":"69.109.187.54","src_port":52381,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":598,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":590,"flow_packet_id":1,"flow_src_last_pkt_time":1686854380719448,"flow_dst_last_pkt_time":1686854380719448,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686854380719448,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPoRbEHa4XwdRW27NsydAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":598,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":590,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686854380719448,"flow_src_last_pkt_time":1686854380719448,"flow_dst_last_pkt_time":1686854380719448,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686854380719448,"l3_proto":"ip4","src_ip":"218.225.124.29","dst_ip":"69.109.187.54","src_port":52381,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":599,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":589,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686840886120988,"flow_src_last_pkt_time":1686840886120988,"flow_dst_last_pkt_time":1686840886120988,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686854380719448,"l3_proto":"ip4","src_ip":"231.223.121.213","dst_ip":"74.111.203.55","src_port":38016,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":599,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":599,"packets-processed":598,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29648,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":590,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":590,"total-idle-flows":589,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2852,"global_ts_usec":1686869889080815} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":599,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":599,"packets-processed":598,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29648,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":590,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":590,"total-idle-flows":589,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2852,"global_ts_usec":1686869889080815} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":599,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":591,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686869889080815,"flow_src_last_pkt_time":1686869889080815,"flow_dst_last_pkt_time":1686869889080815,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686869889080815,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":47273,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":599,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":591,"flow_packet_id":1,"flow_src_last_pkt_time":1686869889080815,"flow_dst_last_pkt_time":1686869889080815,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686869889080815,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPURKLvIH5CeSm\/LN7ipAasAJTHQAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":599,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":591,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686869889080815,"flow_src_last_pkt_time":1686869889080815,"flow_dst_last_pkt_time":1686869889080815,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686869889080815,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":47273,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2858,17 +2858,17 @@ 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":600,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":592,"flow_packet_id":1,"flow_src_last_pkt_time":1686870203714333,"flow_dst_last_pkt_time":1686870203714333,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686870203714333,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRXtoxLaDXpXLKPcuOAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":600,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":592,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686870203714333,"flow_src_last_pkt_time":1686870203714333,"flow_dst_last_pkt_time":1686870203714333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686870203714333,"l3_proto":"ip4","src_ip":"49.45.160.215","dst_ip":"165.114.202.61","src_port":52110,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":601,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":591,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686869889080815,"flow_src_last_pkt_time":1686869889080815,"flow_dst_last_pkt_time":1686869889080815,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686870203714333,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"74.111.203.55","src_port":47273,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":601,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":601,"packets-processed":600,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29706,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":592,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":592,"total-idle-flows":591,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2861,"global_ts_usec":1686871454458967} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":601,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":601,"packets-processed":600,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29706,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":592,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":592,"total-idle-flows":591,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2861,"global_ts_usec":1686871454458967} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":601,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":593,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686871454458967,"flow_src_last_pkt_time":1686871454458967,"flow_dst_last_pkt_time":1686871454458967,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686871454458967,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":56053,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":601,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":593,"flow_packet_id":1,"flow_src_last_pkt_time":1686871454458967,"flow_dst_last_pkt_time":1686871454458967,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686871454458967,"pkt":"bpHurUgdPJTVQTiBCABFAAA51DEAAPURKLrIH5CeRW27Ntr1AasAJQ+DAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":601,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":593,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686871454458967,"flow_src_last_pkt_time":1686871454458967,"flow_dst_last_pkt_time":1686871454458967,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686871454458967,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":56053,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":602,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":592,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686870203714333,"flow_src_last_pkt_time":1686870203714333,"flow_dst_last_pkt_time":1686870203714333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686871454458967,"l3_proto":"ip4","src_ip":"49.45.160.215","dst_ip":"165.114.202.61","src_port":52110,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":602,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":602,"packets-processed":601,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29735,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":593,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":593,"total-idle-flows":592,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2866,"global_ts_usec":1686873049876707} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":602,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":602,"packets-processed":601,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29735,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":593,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":593,"total-idle-flows":592,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2866,"global_ts_usec":1686873049876707} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":602,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":594,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686873049876707,"flow_src_last_pkt_time":1686873049876707,"flow_dst_last_pkt_time":1686873049876707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686873049876707,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":44785,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":602,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":594,"flow_packet_id":1,"flow_src_last_pkt_time":1686873049876707,"flow_dst_last_pkt_time":1686873049876707,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686873049876707,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKL3IH5CeWpOrM67xAasAJTuKAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":602,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":594,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686873049876707,"flow_src_last_pkt_time":1686873049876707,"flow_dst_last_pkt_time":1686873049876707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686873049876707,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.147.171.51","src_port":44785,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":603,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":593,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686871454458967,"flow_src_last_pkt_time":1686871454458967,"flow_dst_last_pkt_time":1686871454458967,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686873049876707,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"69.109.187.54","src_port":56053,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":603,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":603,"packets-processed":602,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29764,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":594,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":594,"total-idle-flows":593,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2871,"global_ts_usec":1686874733087762} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":603,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":603,"packets-processed":602,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29764,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":594,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":594,"total-idle-flows":593,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2871,"global_ts_usec":1686874733087762} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":603,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":595,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686874733087762,"flow_src_last_pkt_time":1686874733087762,"flow_dst_last_pkt_time":1686874733087762,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686874733087762,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":54403,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":603,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":595,"flow_packet_id":1,"flow_src_last_pkt_time":1686874733087762,"flow_dst_last_pkt_time":1686874733087762,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686874733087762,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPURKLfIH5CeWo0lONSDAasAJRXyAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":603,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":595,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686874733087762,"flow_src_last_pkt_time":1686874733087762,"flow_dst_last_pkt_time":1686874733087762,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686874733087762,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":54403,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2877,47 +2877,47 @@ 00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":604,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":596,"flow_packet_id":1,"flow_src_last_pkt_time":1686875253404813,"flow_dst_last_pkt_time":1686875253404813,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686875253404813,"pkt":"moT+\/Ph8PJTVQTiBCABFCABLoTQAACIRKX2Y\/6p8VW80ORc1AasANwqXAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":604,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":596,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686875253404813,"flow_src_last_pkt_time":1686875253404813,"flow_dst_last_pkt_time":1686875253404813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686875253404813,"l3_proto":"ip4","src_ip":"152.255.170.124","dst_ip":"85.111.52.57","src_port":5941,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":595,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686874733087762,"flow_src_last_pkt_time":1686874733087762,"flow_dst_last_pkt_time":1686874733087762,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686875253404813,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.141.37.56","src_port":54403,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":605,"packets-processed":604,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29840,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":596,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":596,"total-idle-flows":595,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2880,"global_ts_usec":1686875903844766} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":605,"packets-processed":604,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29840,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":596,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":596,"total-idle-flows":595,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2880,"global_ts_usec":1686875903844766} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":597,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686875903844766,"flow_src_last_pkt_time":1686875903844766,"flow_dst_last_pkt_time":1686875903844766,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686875903844766,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":41849,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":597,"flow_packet_id":1,"flow_src_last_pkt_time":1686875903844766,"flow_dst_last_pkt_time":1686875903844766,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686875903844766,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLzIH5CeWm\/UMqN5AasAJUcBAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":597,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686875903844766,"flow_src_last_pkt_time":1686875903844766,"flow_dst_last_pkt_time":1686875903844766,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686875903844766,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":41849,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":596,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686875253404813,"flow_src_last_pkt_time":1686875253404813,"flow_dst_last_pkt_time":1686875253404813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686875903844766,"l3_proto":"ip4","src_ip":"152.255.170.124","dst_ip":"85.111.52.57","src_port":5941,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":606,"packets-processed":605,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29869,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":597,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":597,"total-idle-flows":596,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2885,"global_ts_usec":1686876990016671} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":606,"packets-processed":605,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29869,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":597,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":597,"total-idle-flows":596,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2885,"global_ts_usec":1686876990016671} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":598,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686876990016671,"flow_src_last_pkt_time":1686876990016671,"flow_dst_last_pkt_time":1686876990016671,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686876990016671,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":55801,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":598,"flow_packet_id":1,"flow_src_last_pkt_time":1686876990016671,"flow_dst_last_pkt_time":1686876990016671,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686876990016671,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLHIH5CepXLKPdn5AasAJRB2AgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":598,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686876990016671,"flow_src_last_pkt_time":1686876990016671,"flow_dst_last_pkt_time":1686876990016671,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686876990016671,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":55801,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":607,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":597,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686875903844766,"flow_src_last_pkt_time":1686875903844766,"flow_dst_last_pkt_time":1686875903844766,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686876990016671,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"90.111.212.50","src_port":41849,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":607,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":607,"packets-processed":606,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29898,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":598,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":598,"total-idle-flows":597,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2890,"global_ts_usec":1686878041820268} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":607,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":607,"packets-processed":606,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29898,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":598,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":598,"total-idle-flows":597,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2890,"global_ts_usec":1686878041820268} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":607,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":599,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686878041820268,"flow_src_last_pkt_time":1686878041820268,"flow_dst_last_pkt_time":1686878041820268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686878041820268,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":59938,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":607,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":599,"flow_packet_id":1,"flow_src_last_pkt_time":1686878041820268,"flow_dst_last_pkt_time":1686878041820268,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686878041820268,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPURKLLIH5CepZBUPuoiAasAJQBOAgkAAB0AAAAAABIEAAJlbgAA\/\/8AB2RlZmF1bHQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":607,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":599,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686878041820268,"flow_src_last_pkt_time":1686878041820268,"flow_dst_last_pkt_time":1686878041820268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686878041820268,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":59938,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":598,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686876990016671,"flow_src_last_pkt_time":1686876990016671,"flow_dst_last_pkt_time":1686876990016671,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686878041820268,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.114.202.61","src_port":55801,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":608,"packets-processed":607,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29927,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":599,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":599,"total-idle-flows":598,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2895,"global_ts_usec":1686879129948527} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":608,"packets-processed":607,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29927,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":599,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":599,"total-idle-flows":598,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2895,"global_ts_usec":1686879129948527} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":600,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686879129948527,"flow_src_last_pkt_time":1686879129948527,"flow_dst_last_pkt_time":1686879129948527,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686879129948527,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"90.147.171.51","src_port":42800,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":600,"flow_packet_id":1,"flow_src_last_pkt_time":1686879129948527,"flow_dst_last_pkt_time":1686879129948527,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686879129948527,"pkt":"AAwp30Y4PJTVQTiBCABFAABLl1IAACcRO9qdePx7WpOrM6cwAasAN4gOAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":600,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686879129948527,"flow_src_last_pkt_time":1686879129948527,"flow_dst_last_pkt_time":1686879129948527,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686879129948527,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"90.147.171.51","src_port":42800,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":609,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":599,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686878041820268,"flow_src_last_pkt_time":1686878041820268,"flow_dst_last_pkt_time":1686878041820268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686879129948527,"l3_proto":"ip4","src_ip":"200.31.144.158","dst_ip":"165.144.84.62","src_port":59938,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":609,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":609,"packets-processed":608,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29974,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":600,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":600,"total-idle-flows":599,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2900,"global_ts_usec":1686883384416005} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":609,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":609,"packets-processed":608,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":29974,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":600,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":600,"total-idle-flows":599,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2900,"global_ts_usec":1686883384416005} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":609,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":601,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686883384416005,"flow_src_last_pkt_time":1686883384416005,"flow_dst_last_pkt_time":1686883384416005,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686883384416005,"l3_proto":"ip4","src_ip":"155.185.93.215","dst_ip":"165.144.84.62","src_port":16031,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":609,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":601,"flow_packet_id":1,"flow_src_last_pkt_time":1686883384416005,"flow_dst_last_pkt_time":1686883384416005,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686883384416005,"pkt":"AAwp30Y4PJTVQTiBCABFCABLS3QAACMRefObuV3XpZBUPj6fAasAN97iAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":609,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":601,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686883384416005,"flow_src_last_pkt_time":1686883384416005,"flow_dst_last_pkt_time":1686883384416005,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686883384416005,"l3_proto":"ip4","src_ip":"155.185.93.215","dst_ip":"165.144.84.62","src_port":16031,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":610,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":600,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686879129948527,"flow_src_last_pkt_time":1686879129948527,"flow_dst_last_pkt_time":1686879129948527,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686883384416005,"l3_proto":"ip4","src_ip":"157.120.252.123","dst_ip":"90.147.171.51","src_port":42800,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":610,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":610,"packets-processed":609,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30021,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":601,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":601,"total-idle-flows":600,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2905,"global_ts_usec":1686884068384734} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":610,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":610,"packets-processed":609,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30021,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":601,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":601,"total-idle-flows":600,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2905,"global_ts_usec":1686884068384734} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":610,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":602,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686884068384734,"flow_src_last_pkt_time":1686884068384734,"flow_dst_last_pkt_time":1686884068384734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686884068384734,"l3_proto":"ip4","src_ip":"174.50.7.11","dst_ip":"186.112.202.53","src_port":49286,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":610,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":602,"flow_packet_id":1,"flow_src_last_pkt_time":1686884068384734,"flow_dst_last_pkt_time":1686884068384734,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686884068384734,"pkt":"xmjqc4OdPJTVQTiBCABFAAA51DEAAPkRX1OuMgcLunDKNcCGAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":610,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":602,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686884068384734,"flow_src_last_pkt_time":1686884068384734,"flow_dst_last_pkt_time":1686884068384734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686884068384734,"l3_proto":"ip4","src_ip":"174.50.7.11","dst_ip":"186.112.202.53","src_port":49286,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":601,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686883384416005,"flow_src_last_pkt_time":1686883384416005,"flow_dst_last_pkt_time":1686883384416005,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686884068384734,"l3_proto":"ip4","src_ip":"155.185.93.215","dst_ip":"165.144.84.62","src_port":16031,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":611,"packets-processed":610,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30050,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":602,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":602,"total-idle-flows":601,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2910,"global_ts_usec":1686887976934834} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":611,"packets-processed":610,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30050,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":602,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":602,"total-idle-flows":601,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2910,"global_ts_usec":1686887976934834} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":603,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686887976934834,"flow_src_last_pkt_time":1686887976934834,"flow_dst_last_pkt_time":1686887976934834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686887976934834,"l3_proto":"ip4","src_ip":"89.214.56.129","dst_ip":"74.111.203.55","src_port":54129,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":603,"flow_packet_id":1,"flow_src_last_pkt_time":1686887976934834,"flow_dst_last_pkt_time":1686887976934834,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686887976934834,"pkt":"ipffLU2SPJTVQTiBCABFAAA51DEAAPoRbRJZ1jiBSm\/LN9NxAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":603,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686887976934834,"flow_src_last_pkt_time":1686887976934834,"flow_dst_last_pkt_time":1686887976934834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686887976934834,"l3_proto":"ip4","src_ip":"89.214.56.129","dst_ip":"74.111.203.55","src_port":54129,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":612,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":602,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686884068384734,"flow_src_last_pkt_time":1686884068384734,"flow_dst_last_pkt_time":1686884068384734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686887976934834,"l3_proto":"ip4","src_ip":"174.50.7.11","dst_ip":"186.112.202.53","src_port":49286,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":612,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":612,"packets-processed":611,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30079,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":603,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":603,"total-idle-flows":602,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2915,"global_ts_usec":1686889052799486} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":612,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":612,"packets-processed":611,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30079,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":603,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":603,"total-idle-flows":602,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2915,"global_ts_usec":1686889052799486} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":612,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":604,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686889052799486,"flow_src_last_pkt_time":1686889052799486,"flow_dst_last_pkt_time":1686889052799486,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686889052799486,"l3_proto":"ip4","src_ip":"166.209.36.168","dst_ip":"90.141.37.56","src_port":54765,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":612,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":604,"flow_packet_id":1,"flow_src_last_pkt_time":1686889052799486,"flow_dst_last_pkt_time":1686889052799486,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686889052799486,"pkt":"3jHC4dyOPJTVQTiBCABFAAA51DEAAPkRbgOm0SSoWo0lONXtAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":612,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":604,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686889052799486,"flow_src_last_pkt_time":1686889052799486,"flow_dst_last_pkt_time":1686889052799486,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686889052799486,"l3_proto":"ip4","src_ip":"166.209.36.168","dst_ip":"90.141.37.56","src_port":54765,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":613,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":603,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686887976934834,"flow_src_last_pkt_time":1686887976934834,"flow_dst_last_pkt_time":1686887976934834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686889052799486,"l3_proto":"ip4","src_ip":"89.214.56.129","dst_ip":"74.111.203.55","src_port":54129,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":613,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":613,"packets-processed":612,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30108,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":604,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":604,"total-idle-flows":603,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2920,"global_ts_usec":1686891665856707} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":613,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":613,"packets-processed":612,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30108,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":604,"total-detection-updates":0,"total-updates":100,"current-active-flows":1,"total-active-flows":604,"total-idle-flows":603,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2920,"global_ts_usec":1686891665856707} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":613,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":605,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891665856707,"flow_src_last_pkt_time":1686891665856707,"flow_dst_last_pkt_time":1686891665856707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686891665856707,"l3_proto":"ip4","src_ip":"70.191.37.189","dst_ip":"90.145.180.58","src_port":53867,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":613,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":605,"flow_packet_id":1,"flow_src_last_pkt_time":1686891665856707,"flow_dst_last_pkt_time":1686891665856707,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686891665856707,"pkt":"bs1PogZtPJTVQTiBCABFAAA+4yBAADQRvaRGvyW9WpG0OtJrAasAKvcVAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":613,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":605,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891665856707,"flow_src_last_pkt_time":1686891665856707,"flow_dst_last_pkt_time":1686891665856707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686891665856707,"l3_proto":"ip4","src_ip":"70.191.37.189","dst_ip":"90.145.180.58","src_port":53867,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2941,12 +2941,12 @@ 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":608,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891994836858,"flow_src_last_pkt_time":1686891994836858,"flow_dst_last_pkt_time":1686891994836858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686892196221763,"l3_proto":"ip4","src_ip":"88.192.213.176","dst_ip":"165.144.84.62","src_port":12807,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":606,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891861875895,"flow_src_last_pkt_time":1686891861875895,"flow_dst_last_pkt_time":1686891861875895,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686892196221763,"l3_proto":"ip4","src_ip":"166.70.59.181","dst_ip":"69.109.187.54","src_port":28945,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":607,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686891930334421,"flow_src_last_pkt_time":1686891930334421,"flow_dst_last_pkt_time":1686891930334421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686892196221763,"l3_proto":"ip4","src_ip":"88.192.213.176","dst_ip":"165.114.202.61","src_port":12807,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":618,"packets-processed":617,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30278,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":609,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":609,"total-idle-flows":608,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2944,"global_ts_usec":1686893335451836} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":618,"packets-processed":617,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30278,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":609,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":609,"total-idle-flows":608,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2944,"global_ts_usec":1686893335451836} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":610,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686893335451836,"flow_src_last_pkt_time":1686893335451836,"flow_dst_last_pkt_time":1686893335451836,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686893335451836,"l3_proto":"ip4","src_ip":"88.63.218.184","dst_ip":"186.112.202.53","src_port":57760,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":610,"flow_packet_id":1,"flow_src_last_pkt_time":1686893335451836,"flow_dst_last_pkt_time":1686893335451836,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686893335451836,"pkt":"xmjqc4OdPJTVQTiBCABFAAA+KW1AADQRd2JYP9q4unDKNeGgAasAKufqAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":610,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686893335451836,"flow_src_last_pkt_time":1686893335451836,"flow_dst_last_pkt_time":1686893335451836,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686893335451836,"l3_proto":"ip4","src_ip":"88.63.218.184","dst_ip":"186.112.202.53","src_port":57760,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":619,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":609,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686892196221763,"flow_src_last_pkt_time":1686892196221763,"flow_dst_last_pkt_time":1686892196221763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686893335451836,"l3_proto":"ip4","src_ip":"95.185.37.180","dst_ip":"85.111.52.57","src_port":56601,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":619,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":619,"packets-processed":618,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30312,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":610,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":610,"total-idle-flows":609,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2949,"global_ts_usec":1686894095858225} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":619,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":619,"packets-processed":618,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30312,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":610,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":610,"total-idle-flows":609,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2949,"global_ts_usec":1686894095858225} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":619,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":611,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686894095858225,"flow_src_last_pkt_time":1686894095858225,"flow_dst_last_pkt_time":1686894095858225,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686894095858225,"l3_proto":"ip4","src_ip":"95.190.219.185","dst_ip":"90.111.212.50","src_port":65399,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":619,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":611,"flow_packet_id":1,"flow_src_last_pkt_time":1686894095858225,"flow_dst_last_pkt_time":1686894095858225,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686894095858225,"pkt":"AAwp30Y4PJTVQTiBCABFAAA+DzlAADQRkZhfvtu5Wm\/UMv93AasAKsoVAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":619,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":611,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686894095858225,"flow_src_last_pkt_time":1686894095858225,"flow_dst_last_pkt_time":1686894095858225,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686894095858225,"l3_proto":"ip4","src_ip":"95.190.219.185","dst_ip":"90.111.212.50","src_port":65399,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2958,28 +2958,28 @@ 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":621,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":613,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686894627287214,"flow_src_last_pkt_time":1686894627287214,"flow_dst_last_pkt_time":1686894627287214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686894627287214,"l3_proto":"ip4","src_ip":"64.56.203.178","dst_ip":"74.111.203.55","src_port":58318,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":621,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":613,"flow_packet_id":1,"flow_src_last_pkt_time":1686894627287214,"flow_dst_last_pkt_time":1686894627287214,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"thread_ts_usec":1686894627287214,"pkt":"ipffLU2SPJTVQTiBCABFAAA+zylAADQR0apAOMuySm\/LN+POAasAKuXBAgEAACIAAAAAAAAFAAJlbgAAAAAAAAAAAAhBQUFBQUFBQQ=="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":621,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":613,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686894627287214,"flow_src_last_pkt_time":1686894627287214,"flow_dst_last_pkt_time":1686894627287214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686894627287214,"l3_proto":"ip4","src_ip":"64.56.203.178","dst_ip":"74.111.203.55","src_port":58318,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":622,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":622,"packets-processed":621,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30414,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":613,"total-detection-updates":0,"total-updates":103,"current-active-flows":2,"total-active-flows":613,"total-idle-flows":611,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2961,"global_ts_usec":1686895136332318} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":622,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":622,"packets-processed":621,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30414,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":613,"total-detection-updates":0,"total-updates":103,"current-active-flows":2,"total-active-flows":613,"total-idle-flows":611,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2961,"global_ts_usec":1686895136332318} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":622,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":614,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686895136332318,"flow_src_last_pkt_time":1686895136332318,"flow_dst_last_pkt_time":1686895136332318,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686895136332318,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"69.109.187.54","src_port":43680,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":622,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":614,"flow_packet_id":1,"flow_src_last_pkt_time":1686895136332318,"flow_dst_last_pkt_time":1686895136332318,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686895136332318,"pkt":"bpHurUgdPJTVQTiBCABFAABLZR8AACcRbf1dZnxwRW27NqqgAasAN4SOAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":622,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":614,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686895136332318,"flow_src_last_pkt_time":1686895136332318,"flow_dst_last_pkt_time":1686895136332318,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686895136332318,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"69.109.187.54","src_port":43680,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":613,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686894627287214,"flow_src_last_pkt_time":1686894627287214,"flow_dst_last_pkt_time":1686894627287214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686895136332318,"l3_proto":"ip4","src_ip":"64.56.203.178","dst_ip":"74.111.203.55","src_port":58318,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":612,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686894584993003,"flow_src_last_pkt_time":1686894584993003,"flow_dst_last_pkt_time":1686894584993003,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":34,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":34,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":34,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686895136332318,"l3_proto":"ip4","src_ip":"71.64.36.183","dst_ip":"90.147.171.51","src_port":43664,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":623,"packets-processed":622,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30461,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":614,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":614,"total-idle-flows":613,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2967,"global_ts_usec":1686900080044444} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":623,"packets-processed":622,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30461,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":614,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":614,"total-idle-flows":613,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2967,"global_ts_usec":1686900080044444} 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":615,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686900080044444,"flow_src_last_pkt_time":1686900080044444,"flow_dst_last_pkt_time":1686900080044444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686900080044444,"l3_proto":"ip4","src_ip":"185.27.37.156","dst_ip":"90.145.180.58","src_port":54712,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":615,"flow_packet_id":1,"flow_src_last_pkt_time":1686900080044444,"flow_dst_last_pkt_time":1686900080044444,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686900080044444,"pkt":"bs1PogZtPJTVQTiBCABFAAA51DEAAPkRbia5GyWcWpG0OtW4AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":615,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686900080044444,"flow_src_last_pkt_time":1686900080044444,"flow_dst_last_pkt_time":1686900080044444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686900080044444,"l3_proto":"ip4","src_ip":"185.27.37.156","dst_ip":"90.145.180.58","src_port":54712,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":614,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686895136332318,"flow_src_last_pkt_time":1686895136332318,"flow_dst_last_pkt_time":1686895136332318,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686900080044444,"l3_proto":"ip4","src_ip":"93.102.124.112","dst_ip":"69.109.187.54","src_port":43680,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":624,"packets-processed":623,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30490,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":615,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":615,"total-idle-flows":614,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2972,"global_ts_usec":1686903641258422} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":624,"packets-processed":623,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30490,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":615,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":615,"total-idle-flows":614,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2972,"global_ts_usec":1686903641258422} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":616,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686903641258422,"flow_src_last_pkt_time":1686903641258422,"flow_dst_last_pkt_time":1686903641258422,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686903641258422,"l3_proto":"ip4","src_ip":"186.213.158.225","dst_ip":"90.111.212.50","src_port":53551,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":616,"flow_packet_id":1,"flow_src_last_pkt_time":1686903641258422,"flow_dst_last_pkt_time":1686903641258422,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686903641258422,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPoRbOK61Z7hWm\/UMtEvAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00948{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":616,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686903641258422,"flow_src_last_pkt_time":1686903641258422,"flow_dst_last_pkt_time":1686903641258422,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686903641258422,"l3_proto":"ip4","src_ip":"186.213.158.225","dst_ip":"90.111.212.50","src_port":53551,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":615,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686900080044444,"flow_src_last_pkt_time":1686900080044444,"flow_dst_last_pkt_time":1686900080044444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686903641258422,"l3_proto":"ip4","src_ip":"185.27.37.156","dst_ip":"90.145.180.58","src_port":54712,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":625,"packets-processed":624,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30519,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":616,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":616,"total-idle-flows":615,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2977,"global_ts_usec":1686910566541526} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":625,"packets-processed":624,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30519,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":616,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":616,"total-idle-flows":615,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2977,"global_ts_usec":1686910566541526} 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":617,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686910566541526,"flow_src_last_pkt_time":1686910566541526,"flow_dst_last_pkt_time":1686910566541526,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686910566541526,"l3_proto":"ip4","src_ip":"167.7.154.125","dst_ip":"90.141.37.56","src_port":55642,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":617,"flow_packet_id":1,"flow_src_last_pkt_time":1686910566541526,"flow_dst_last_pkt_time":1686910566541526,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":1686910566541526,"pkt":"3jHC4dyOPJTVQTiBCABFCABL+kUAACIR0GunB5p9Wo0lONlaAasAN0hxAgEAAC8AAAAAAEQAAAJlbgAAAA5zZXJ2aWNlOmNlbnN5cwAHREVGQVVMVAAAAAA="} 00945{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":617,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686910566541526,"flow_src_last_pkt_time":1686910566541526,"flow_dst_last_pkt_time":1686910566541526,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686910566541526,"l3_proto":"ip4","src_ip":"167.7.154.125","dst_ip":"90.141.37.56","src_port":55642,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":626,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":616,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686903641258422,"flow_src_last_pkt_time":1686903641258422,"flow_dst_last_pkt_time":1686903641258422,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686910566541526,"l3_proto":"ip4","src_ip":"186.213.158.225","dst_ip":"90.111.212.50","src_port":53551,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":626,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":626,"packets-processed":625,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30566,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":617,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":617,"total-idle-flows":616,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2982,"global_ts_usec":1686916643605858} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":626,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":626,"packets-processed":625,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30566,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":617,"total-detection-updates":0,"total-updates":103,"current-active-flows":1,"total-active-flows":617,"total-idle-flows":616,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2982,"global_ts_usec":1686916643605858} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":626,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":618,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686916643605858,"flow_src_last_pkt_time":1686916643605858,"flow_dst_last_pkt_time":1686916643605858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686916643605858,"l3_proto":"ip4","src_ip":"70.216.186.103","dst_ip":"90.147.171.51","src_port":52251,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":626,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":618,"flow_packet_id":1,"flow_src_last_pkt_time":1686916643605858,"flow_dst_last_pkt_time":1686916643605858,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686916643605858,"pkt":"AAwp30Y4PJTVQTiBCABFAAA51DEAAPkRbZlG2LpnWpOrM8wbAasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":626,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":618,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686916643605858,"flow_src_last_pkt_time":1686916643605858,"flow_dst_last_pkt_time":1686916643605858,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686916643605858,"l3_proto":"ip4","src_ip":"70.216.186.103","dst_ip":"90.147.171.51","src_port":52251,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2987,7 +2987,7 @@ 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":627,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":619,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686916678686629,"flow_src_last_pkt_time":1686916678686629,"flow_dst_last_pkt_time":1686916678686629,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686916678686629,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.114.202.61","src_port":26319,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00582{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":627,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":619,"flow_packet_id":1,"flow_src_last_pkt_time":1686916678686629,"flow_dst_last_pkt_time":1686916678686629,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"thread_ts_usec":1686916678686629,"pkt":"AAwp30Y4PJTVQTiBCABFCABS3OcAAGsROahDnxCWpXLKPWbPAasAPgAAAgEAADYgAAAAAAABAAJlbgAAABVzZXJ2aWNlOnNlcnZpY2UtYWdlbnQAB2RlZmF1bHQAAAAA"} 00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":627,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":619,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686916678686629,"flow_src_last_pkt_time":1686916678686629,"flow_dst_last_pkt_time":1686916678686629,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":54,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":54,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686916678686629,"l3_proto":"ip4","src_ip":"67.159.16.150","dst_ip":"165.114.202.61","src_port":26319,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":628,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":628,"packets-processed":627,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30649,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":619,"total-detection-updates":0,"total-updates":103,"current-active-flows":2,"total-active-flows":619,"total-idle-flows":617,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2990,"global_ts_usec":1686918716711404} +00853{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":628,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":628,"packets-processed":627,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30649,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":619,"total-detection-updates":0,"total-updates":103,"current-active-flows":2,"total-active-flows":619,"total-idle-flows":617,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2990,"global_ts_usec":1686918716711404} 00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":628,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":620,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686918716711404,"flow_src_last_pkt_time":1686918716711404,"flow_dst_last_pkt_time":1686918716711404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686918716711404,"l3_proto":"ip4","src_ip":"58.22.67.22","dst_ip":"85.111.52.57","src_port":52092,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":628,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":620,"flow_packet_id":1,"flow_src_last_pkt_time":1686918716711404,"flow_dst_last_pkt_time":1686918716711404,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":1686918716711404,"pkt":"moT+\/Ph8PJTVQTiBCABFAAA51DEAAPoRbEQ6FkMWVW80Oct8AasAJQAAAgkAAB0AAAAAAJ32AAJlbgAA\/\/8AB0RFRkFVTFQ="} 00943{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":628,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":620,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686918716711404,"flow_src_last_pkt_time":1686918716711404,"flow_dst_last_pkt_time":1686918716711404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686918716711404,"l3_proto":"ip4","src_ip":"58.22.67.22","dst_ip":"85.111.52.57","src_port":52092,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} @@ -2998,7 +2998,7 @@ 00946{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":621,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686919264737057,"flow_src_last_pkt_time":1686919264737057,"flow_dst_last_pkt_time":1686919264737057,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686919264737057,"l3_proto":"ip4","src_ip":"217.39.155.99","dst_ip":"165.144.84.62","src_port":51503,"dst_port":427,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":621,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686919264737057,"flow_src_last_pkt_time":1686919264737057,"flow_dst_last_pkt_time":1686919264737057,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686919264737057,"l3_proto":"ip4","src_ip":"217.39.155.99","dst_ip":"165.144.84.62","src_port":51503,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} 00982{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","flow_id":620,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1686918716711404,"flow_src_last_pkt_time":1686918716711404,"flow_dst_last_pkt_time":1686918716711404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1686919264737057,"l3_proto":"ip4","src_ip":"58.22.67.22","dst_ip":"85.111.52.57","src_port":52092,"dst_port":427,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Service_Location_Protocol","proto_id":"347","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}} -00855{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":629,"packets-processed":629,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30707,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":621,"total-detection-updates":0,"total-updates":103,"current-active-flows":0,"total-active-flows":621,"total-idle-flows":621,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":3001,"global_ts_usec":1686919264737057} +00855{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/srvloc.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":629,"packets-processed":629,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":30707,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":621,"total-detection-updates":0,"total-updates":103,"current-active-flows":0,"total-active-flows":621,"total-idle-flows":621,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":3001,"global_ts_usec":1686919264737057} ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ ~~ packets captured/processed: 629/629 ~~ skipped flows.............: 0 @@ -3007,9 +3007,9 @@ ~~ total active/idle flows...: 621/621 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8979050 bytes -~~ total memory freed........: 8979050 bytes -~~ total allocations/frees...: 133317/133317 +~~ total memory allocated....: 9921257 bytes +~~ total memory freed........: 9921257 bytes +~~ total allocations/frees...: 152179/152179 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json message min len.......: 553 chars ~~ json message max len.......: 1000 chars |