diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2022-09-06 14:50:46 +0200 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2022-09-06 14:50:46 +0200 |
| commit | f9bd7d29ced8e596aeaab2258bc7f56f14521a2e (patch) | |
| tree | ddd578b6edcaa2a80847433522f2f32197191622 /test/results/kontiki.pcap.out | |
| parent | c5c7d83c97620c9bae7939b21d46a1458291ebf6 (diff) | |
Bump libnDPI to 37f918322c0a489b5143a987c8f1a44a6f78a6f3 and updated flow json schema file.
* export env vars AR / CMAKE_C_COMPILER_AR and RANLIB / CMAKE_C_COMPILER_RANLIB while building libnDPI
* nDPId check API version during startup (macro vs. function call) and print a warning if they are different
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/kontiki.pcap.out')
| -rw-r--r-- | test/results/kontiki.pcap.out | 34 |
1 files changed, 17 insertions, 17 deletions
diff --git a/test/results/kontiki.pcap.out b/test/results/kontiki.pcap.out index 32ae1538e..b8756fee6 100644 --- a/test/results/kontiki.pcap.out +++ b/test/results/kontiki.pcap.out @@ -6,40 +6,40 @@ 00856{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_last_seen":1213662198289,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":353,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":353,"pkt_l4_len":319,"thread_ts_msec":1213662198289,"pkt":"AAAMB6wIABVYKKDoCABFAAFTD48AACARip0KGSA7QMiUUk3sB5wBPyUCAgUEALiJxyqdfRurkGvxcQAAAAHGclB+GpXQo7ilG\/X+QBPHZNzcc2Vgl8HXEWakCXkI\/uj8lmIl1eBkbhN4MvAcq86Z98N3bIP98eTWEBdQEYXavGuDSMiGARvJZed\/c1zWfWkiBQDMPgD+Ih+\/PJjSy0mU1LUYMuUE02zzTShWQfCvM2Xa9SOg6ec0xfxrP6bVssVjaXJqz1AT6v7o8NtJtnsERCco1F8aGfNVg8yXB5v\/LbWp1E2sz6l3Uqjqcfx5ZJSkZLl83RIr7uaKcsAZozQEdGaeqFqM+vh1lG8CYU5v3cUXR+iWSzTqhorAV8WhTpNJoFMNHVApj2b53cJQug6cwf67kqgCY5\/UQxlKUrAgIAb+T+C6ITKs8wNPNWZJmf3s1l4sH4nkFe9HNSIG47QjMrQ="} 00689{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198289,"flow_last_seen":1213662198289,"flow_idle_time":200000,"flow_src_min_l4_payload_len":4,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":4,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198289,"l3_proto":"ip4","src_ip":"10.25.32.59","dst_ip":"64.200.148.86","src_port":19948,"dst_port":8888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00439{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_last_seen":1213662198289,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":46,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":46,"pkt_l4_len":12,"thread_ts_msec":1213662198289,"pkt":"AAAMB6wIABVYKKDoCABFAAAgD5AAAAIRqcsKGSA7QMiUVk3sIrgADIy+AgEBAA=="} -00879{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":3,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198289,"flow_last_seen":1213662198289,"flow_idle_time":200000,"flow_src_min_l4_payload_len":4,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":4,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198289,"l3_proto":"ip4","src_ip":"10.25.32.59","dst_ip":"64.200.148.86","src_port":19948,"dst_port":8888,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Kontiki","breed":"Potentially Dangerous","category":"Media"}} +00925{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":3,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198289,"flow_last_seen":1213662198289,"flow_idle_time":200000,"flow_src_min_l4_payload_len":4,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":4,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198289,"l3_proto":"ip4","src_ip":"10.25.32.59","dst_ip":"64.200.148.86","src_port":19948,"dst_port":8888,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Kontiki","proto_id":"32","encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media"}} 00659{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":4,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198289,"flow_last_seen":1213662198289,"flow_idle_time":140000,"flow_src_min_l4_payload_len":40,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":40,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198289,"l3_proto":"ip4","src_ip":"10.25.249.14","dst_ip":"10.25.32.59","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3} 00475{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_last_seen":1213662198289,"flow_idle_time":140000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1213662198289,"pkt":"ABVYKKDoANAreRD8CABFwAA8nDwAAP4B8kgKGfkOChkgOwsA9I8AAAAARQAAIA+QAAABEarLChkgO0DIlFZN7CK4AAyMvgIBAQA="} -00737{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198289,"flow_last_seen":1213662198289,"flow_idle_time":140000,"flow_src_min_l4_payload_len":40,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":40,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198289,"l3_proto":"ip4","src_ip":"10.25.249.14","dst_ip":"10.25.32.59","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","breed":"Acceptable","category":"Network"},"entropy":4.304229} +00784{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198289,"flow_last_seen":1213662198289,"flow_idle_time":140000,"flow_src_min_l4_payload_len":40,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":40,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198289,"l3_proto":"ip4","src_ip":"10.25.249.14","dst_ip":"10.25.32.59","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":4.304229}} 00719{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_last_seen":1213662198292,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":252,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":252,"pkt_l4_len":218,"thread_ts_msec":1213662198292,"pkt":"ABVYKKDoANAreRD8CABFAADuAABAADQRRpFAyJRSChkgOwecTewA2iL0AgUEADrI\/CCQa\/FynX0bqwAAAAEU3Ww9OKrYuWJ\/RoFyF3QkawgIztP7rZEqNEZAvKFqVsbVX6Q7o7C1GOOdgQ95sj8arDoplqug4W5ycMyrjvQQyOwCiAR\/6y2A+p1htTIZLrGyKHiEi2Jp9hwzPzovQAePahwaDoff8ISW08I83wX6VJuH0Ja\/8FiWxNnH+Ai3SlJjJhuk49id1Yw4mSXZ8jvVv5UwGXcIGiI6B0mhLZ+A10L6EpKDfeBwW1y7ll9X6Tp66XFf4oxdv3GVbO9k"} 00690{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":6,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198298,"flow_last_seen":1213662198298,"flow_idle_time":200000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":20,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":20,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198298,"l3_proto":"ip4","src_ip":"10.25.32.59","dst_ip":"64.200.148.88","src_port":19948,"dst_port":80,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00460{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_last_seen":1213662198298,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":62,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":62,"pkt_l4_len":28,"thread_ts_msec":1213662198298,"pkt":"AAAMB6wIABVYKKDoCABFAAAwD5EAACARi7gKGSA7QMiUWE3sAFAAHNz5AgUCAE9LWIs\/euHNAAAE5AIEAQA="} -00880{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":6,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198298,"flow_last_seen":1213662198298,"flow_idle_time":200000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":20,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":20,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198298,"l3_proto":"ip4","src_ip":"10.25.32.59","dst_ip":"64.200.148.88","src_port":19948,"dst_port":80,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Kontiki","breed":"Potentially Dangerous","category":"Media"}} +00926{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":6,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198298,"flow_last_seen":1213662198298,"flow_idle_time":200000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":20,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":20,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198298,"l3_proto":"ip4","src_ip":"10.25.32.59","dst_ip":"64.200.148.88","src_port":19948,"dst_port":80,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Kontiki","proto_id":"32","encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media"}} 00657{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":7,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198298,"flow_last_seen":1213662198298,"flow_idle_time":140000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198298,"l3_proto":"ip4","src_ip":"10.25.32.3","dst_ip":"10.25.32.59","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3} 00471{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_last_seen":1213662198298,"flow_idle_time":140000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_msec":1213662198298,"pkt":"ABVYKKDoANABJAf8CABFAAA4wMIAAP8BppIKGSADChkgOwMN0aAAAAAARQAAMA+RAAAfEYy4ChkgO0DIlFhN7ABQABzc+Q=="} -00735{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":7,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198298,"flow_last_seen":1213662198298,"flow_idle_time":140000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198298,"l3_proto":"ip4","src_ip":"10.25.32.3","dst_ip":"10.25.32.59","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","breed":"Acceptable","category":"Network"},"entropy":4.253434} +00782{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":7,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198298,"flow_last_seen":1213662198298,"flow_idle_time":140000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198298,"l3_proto":"ip4","src_ip":"10.25.32.3","dst_ip":"10.25.32.59","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":4.253434}} 00455{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":8,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_last_seen":1213662198301,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_msec":1213662198301,"pkt":"AAAMB6wIABVYKKDoCABFAAAsD5IAACARi8EKGSA7QMiUUk3sB5wAGMoHAgQkALiJxyqdfRurkGvxcg=="} 00439{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_last_seen":1213662198488,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":46,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":46,"pkt_l4_len":12,"thread_ts_msec":1213662198488,"pkt":"AAAMB6wIABVYKKDoCABFAAAgD5cAAAQRp8QKGSA7QMiUVk3sIrgADIy+AgEBAA=="} 00663{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":10,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198488,"flow_last_seen":1213662198488,"flow_idle_time":140000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198488,"l3_proto":"ip4","src_ip":"216.168.241.157","dst_ip":"10.25.32.59","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3} 00472{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":1,"flow_last_seen":1213662198488,"flow_idle_time":140000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_msec":1213662198488,"pkt":"ABVYKKDoANAreRD8CABFwAA4pIcAAPwBJOPYqPGdChkgOwsADhsAAAAARQAAIA+XAAABEarEChkgO0DIlFZN7CK4AAx2NA=="} -00741{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":10,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198488,"flow_last_seen":1213662198488,"flow_idle_time":140000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198488,"l3_proto":"ip4","src_ip":"216.168.241.157","dst_ip":"10.25.32.59","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","breed":"Acceptable","category":"Network"},"entropy":4.321296} +00788{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":10,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198488,"flow_last_seen":1213662198488,"flow_idle_time":140000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198488,"l3_proto":"ip4","src_ip":"216.168.241.157","dst_ip":"10.25.32.59","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":4.321296}} 00440{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":11,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_last_seen":1213662198700,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":46,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":46,"pkt_l4_len":12,"thread_ts_msec":1213662198700,"pkt":"AAAMB6wIABVYKKDoCABFAAAgD6YAAAYRpbUKGSA7QMiUVk3sIrgADIy+AgEBAA=="} 00660{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":12,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198701,"flow_last_seen":1213662198701,"flow_idle_time":140000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198701,"l3_proto":"ip4","src_ip":"4.79.219.125","dst_ip":"10.25.32.59","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3} 00473{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":12,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":8,"flow_packet_id":1,"flow_last_seen":1213662198701,"flow_idle_time":140000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_msec":1213662198701,"pkt":"ABVYKKDoANAreRD8CABFwAA4\/Y8AAPoBuFQET9t9ChkgOwsADhsAAAAARQAAIA+mAAABEaq1ChkgO0DIlFZN7CK4AAx2NA=="} -00738{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":12,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198701,"flow_last_seen":1213662198701,"flow_idle_time":140000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198701,"l3_proto":"ip4","src_ip":"4.79.219.125","dst_ip":"10.25.32.59","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","breed":"Acceptable","category":"Network"},"entropy":4.321296} +00785{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":12,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198701,"flow_last_seen":1213662198701,"flow_idle_time":140000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662198701,"l3_proto":"ip4","src_ip":"4.79.219.125","dst_ip":"10.25.32.59","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":4.321296}} 00463{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1173,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":2,"flow_last_seen":1213662200284,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":62,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":62,"pkt_l4_len":28,"thread_ts_msec":1213662200284,"pkt":"AAAMB6wIABVYKKDoCABFAAAwEAgAACARi0EKGSA7QMiUWE3sAFAAHLz5AgUiAE9LWIs\/euHNAAAE5AIEAQA="} 00474{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1174,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":2,"flow_last_seen":1213662200285,"flow_idle_time":140000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_msec":1213662200285,"pkt":"ABVYKKDoANABJAf8CABFAAA4wRIAAP8BpkIKGSADChkgOwMN8aAAAAAARQAAMBAIAAAfEYxBChkgO0DIlFhN7ABQABy8+Q=="} 00463{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2709,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":3,"flow_last_seen":1213662202284,"flow_idle_time":200000,"pkt_oversize":false,"pkt_caplen":62,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":62,"pkt_l4_len":28,"thread_ts_msec":1213662202284,"pkt":"AAAMB6wIABVYKKDoCABFAAAwEJ8AACARiqoKGSA7QMiUWE3sAFAAHLz5AgUiAE9LWIs\/euHNAAAE5AIEAQA="} 00474{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2710,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":3,"flow_last_seen":1213662202285,"flow_idle_time":140000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_msec":1213662202285,"pkt":"ABVYKKDoANABJAf8CABFAAA4wVoAAP8BpfoKGSADChkgOwMN8aAAAAAARQAAMBCfAAAfEYuqChkgO0DIlFhN7ABQABy8+Q=="} -00760{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198701,"flow_last_seen":1213662198701,"flow_idle_time":140000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"4.79.219.125","dst_ip":"10.25.32.59","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","breed":"Acceptable","category":"Network"}} -00763{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198488,"flow_last_seen":1213662198488,"flow_idle_time":140000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"216.168.241.157","dst_ip":"10.25.32.59","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","breed":"Acceptable","category":"Network"}} -00940{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":261,"flow_dst_packets_processed":3013,"flow_first_seen":1213662198289,"flow_last_seen":1213662202882,"flow_idle_time":200000,"flow_src_min_l4_payload_len":4,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":217,"flow_dst_max_l4_payload_len":1241,"flow_src_tot_l4_payload_len":6335,"flow_dst_tot_l4_payload_len":3708231,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"10.25.32.59","dst_ip":"64.200.148.86","src_port":19948,"dst_port":8888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Kontiki","breed":"Potentially Dangerous","category":"Media"}} -00759{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":1213662198298,"flow_last_seen":1213662202883,"flow_idle_time":140000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"10.25.32.3","dst_ip":"10.25.32.59","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","breed":"Acceptable","category":"Network"}} -00760{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198289,"flow_last_seen":1213662198289,"flow_idle_time":140000,"flow_src_min_l4_payload_len":40,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":40,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"10.25.249.14","dst_ip":"10.25.32.59","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","breed":"Acceptable","category":"Network"}} -00717{"flow_event_id":8,"flow_event_name":"not-detected","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662195077,"flow_last_seen":1213662195077,"flow_idle_time":200000,"flow_src_min_l4_payload_len":991,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":991,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":991,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"10.25.32.59","dst_ip":"255.255.255.255","src_port":19948,"dst_port":19948,"l4_proto":"udp","ndpi": {"proto":"Unknown","breed":"Unrated"}} +00807{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198701,"flow_last_seen":1213662198701,"flow_idle_time":140000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"4.79.219.125","dst_ip":"10.25.32.59","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00810{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198488,"flow_last_seen":1213662198488,"flow_idle_time":140000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"216.168.241.157","dst_ip":"10.25.32.59","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":261,"flow_dst_packets_processed":3013,"flow_first_seen":1213662198289,"flow_last_seen":1213662202882,"flow_idle_time":200000,"flow_src_min_l4_payload_len":4,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":217,"flow_dst_max_l4_payload_len":1241,"flow_src_tot_l4_payload_len":6335,"flow_dst_tot_l4_payload_len":3708231,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"10.25.32.59","dst_ip":"64.200.148.86","src_port":19948,"dst_port":8888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Kontiki","proto_id":"32","encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media"}} +00806{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":1213662198298,"flow_last_seen":1213662202883,"flow_idle_time":140000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"10.25.32.3","dst_ip":"10.25.32.59","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00807{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662198289,"flow_last_seen":1213662198289,"flow_idle_time":140000,"flow_src_min_l4_payload_len":40,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":40,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"10.25.249.14","dst_ip":"10.25.32.59","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00746{"flow_event_id":8,"flow_event_name":"not-detected","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662195077,"flow_last_seen":1213662195077,"flow_idle_time":200000,"flow_src_min_l4_payload_len":991,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":991,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":991,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"10.25.32.59","dst_ip":"255.255.255.255","src_port":19948,"dst_port":19948,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} 00702{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1213662195077,"flow_last_seen":1213662195077,"flow_idle_time":200000,"flow_src_min_l4_payload_len":991,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":991,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":991,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"10.25.32.59","dst_ip":"255.255.255.255","src_port":19948,"dst_port":19948,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00717{"flow_event_id":8,"flow_event_name":"not-detected","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1213662198289,"flow_last_seen":1213662198301,"flow_idle_time":200000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":311,"flow_dst_max_l4_payload_len":210,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":210,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"10.25.32.59","dst_ip":"64.200.148.82","src_port":19948,"dst_port":1948,"l4_proto":"udp","ndpi": {"proto":"Unknown","breed":"Unrated"}} +00746{"flow_event_id":8,"flow_event_name":"not-detected","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1213662198289,"flow_last_seen":1213662198301,"flow_idle_time":200000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":311,"flow_dst_max_l4_payload_len":210,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":210,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"10.25.32.59","dst_ip":"64.200.148.82","src_port":19948,"dst_port":1948,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} 00702{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1213662198289,"flow_last_seen":1213662198301,"flow_idle_time":200000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":311,"flow_dst_max_l4_payload_len":210,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":210,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"10.25.32.59","dst_ip":"64.200.148.82","src_port":19948,"dst_port":1948,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00922{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":1213662198298,"flow_last_seen":1213662202883,"flow_idle_time":200000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":20,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":80,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"10.25.32.59","dst_ip":"64.200.148.88","src_port":19948,"dst_port":80,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Kontiki","breed":"Potentially Dangerous","category":"Media"}} +00968{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":1213662198298,"flow_last_seen":1213662202883,"flow_idle_time":200000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":20,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":80,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1213662202883,"l3_proto":"ip4","src_ip":"10.25.32.59","dst_ip":"64.200.148.88","src_port":19948,"dst_port":80,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Kontiki","proto_id":"32","encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media"}} 00565{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":3289,"source":"kontiki.pcap","alias":"nDPId-test","packets-captured":3289,"packets-processed":3289,"total-skipped-flows":0,"total-l4-payload-len":3716430,"total-not-detected-flows":2,"total-guessed-flows":0,"total-detected-flows":6,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":8,"total-idle-flows":8,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":43,"global_ts_msec":1213662202883} ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ ~~ packets captured/processed: 3289/3289 @@ -49,9 +49,9 @@ ~~ total active/idle flows...: 8/8 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 6105978 bytes -~~ total memory freed........: 6105978 bytes -~~ total allocations/frees...: 124192/124192 +~~ total memory allocated....: 6134113 bytes +~~ total memory freed........: 6134113 bytes +~~ total allocations/frees...: 124744/124744 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 444 chars ~~ json string max len.......: 1778 chars |