diff options
Diffstat (limited to 'test/results/default/discord.pcap.out')
| -rw-r--r-- | test/results/default/discord.pcap.out | 44 |
1 files changed, 22 insertions, 22 deletions
diff --git a/test/results/default/discord.pcap.out b/test/results/default/discord.pcap.out index f11d3bb13..2557f3e51 100644 --- a/test/results/default/discord.pcap.out +++ b/test/results/default/discord.pcap.out @@ -1,4 +1,4 @@ -00609{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0} +00612{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"max-flows-per-thread":32768,"max-idle-flows-per-thread":1024,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0} 00740{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":42193200,"flow_src_last_pkt_time":42193200,"flow_dst_last_pkt_time":42193200,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":42193200,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"162.159.128.233","src_port":42834,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00529{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":42193200,"flow_dst_last_pkt_time":42193200,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":42193200,"pkt":"UlQAEjUCCAAnW\/mGCABFAAA8+ptAAEAGEIkKAAIPop+A6adSAbuGXfMIAAAAAKAC+vDjjQAAAgQFtAQCCAqmenD7AAAAAAEDAwc="} 00511{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":42193200,"flow_dst_last_pkt_time":42208691,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":42208691,"pkt":"CAAnW\/mGUlQAEjUCCABFAAAsAYYAAEAGSa+in4DpCgACDwG7p1IAKQQBhl3zCWAS\/\/9B4AAAAgQFtA=="} @@ -70,9 +70,9 @@ 00909{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":11,"flow_packet_id":3,"flow_src_last_pkt_time":1657223839933000,"flow_dst_last_pkt_time":1657223839923000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":333,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":333,"pkt_l4_len":299,"thread_ts_usec":1657223839933000,"pkt":"eJS0JASgYDjgxTWgCABFAAE\/oK8AAH8R0C7AqAJkQhbErcw7w1QBK3njkHgfJThe7yMAAKzjvt4AAdPr6lB\/MmLY6r0BoDp6lUyFeuTPGvfdfp7KE9nFuBixePCbH75Tva3BRIf\/8d4MF9NsSgs5XH1m8leA7mXAN0XKA\/DPnsvG8a5e8SvE2aWjVrLHGfJTYO37+p8StN6\/4nr+IYOq4r0HrcSSoYmF0egtxXlIXsfN4GRXxe4amI5fVv3zN820vR7gEJugEogj4LOR2HNSBcf+CjaPl67KaGAwL0tQX28wr8QjHn28zG2tR\/Kqgjtbj36ndy7FRCI9bRa5S6bqT0G557uwh\/Ot\/zbn7KU8BWcZt6nIkEzKBT5rUQrzHStCOspfzFLaKK2yBe8g\/MfAO6mkg9rfS+PXqo6zofJ7XBsxnfhR0JrWqPYQDACA"} 00911{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":68,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":11,"flow_packet_id":4,"flow_src_last_pkt_time":1657223839957000,"flow_dst_last_pkt_time":1657223839923000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":334,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":334,"pkt_l4_len":300,"thread_ts_usec":1657223839957000,"pkt":"eJS0JASgYDjgxTWgCABFAAFAoLAAAH8R0CzAqAJkQhbErcw7w1QBLPvqkHgfJjhe8uMAAKzjvt4AAZiQwJ4o10jxiVz+JamhK9S\/zIzCFhFjkBW9IBQGhd1Du\/aHJfLyhtiPfg71GxhXa0QLh5xnPNr3rTXOOCCwMsRxiz0rYUnFuDqzXQzct3XfTwHRRHryE34\/br5c91C\/9l8tAjK9MQaiPZVmX9eq85M336E\/k8sOO78\/vDAi1qL5VBO+dfVfJdK6hF9RTOLJ0wvqrelCk80T1IFCSSTolMlu1U75ute3\/91OH2rpXBHmBQ+mZzbKpaYPjGEWQS2LQeBcm3lph5sEAZDHnmhSkBVtn7+efoH4mHENBRdFc9B5EVT1rJV0EowqraINqsNJZQFQ8lXJRzC3els3ER7h0uot95ru+IrfvsKB2RpUnz6wEQwAgA=="} 00893{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":69,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":11,"flow_packet_id":5,"flow_src_last_pkt_time":1657223839957000,"flow_dst_last_pkt_time":1657223839961000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":323,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":323,"pkt_l4_len":289,"thread_ts_usec":1657223839961000,"pkt":"YDjgxTWgeJS0JASgCABFAAE1WHlAADoRHW9CFsStwKgCZMNUzDsBIVnPkHjz47Y9e1sAAKE5vt4AAZcfotKpRoR7OJANOQHEO3xW3eJ4YxnKhi0cyiM8dclJ0zWcZ\/mc1DTzWlXRto4tZLEeCRbk7OYimeXwf+K5wUAKCHGlAY1YLJ+I1hqlmi7oMNL0iCVjIuxrgGl64MvXBPic9oo1Rea8HOzWq6FRcH+xEXtcYuteqhTs\/3Lfwky0OyEsF7sAMMZSRPYidf8ZK4Vj\/9xOzchJFK+31kpkm0hY8FEJnAhdh+lxxr5bPe27xWHoh4oMZIkQZ+r0GO3mROkWr3kGA3JZq0zEsc8KXn\/cGDS013qDThcdJi5D3cihPKNyed5Ao69oNc+wa9JDh7F\/cNBy9gCYY+Go6BwEjInYIwtHCHUOAAA="} +00986{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":11,"flow_first_seen":1657223740296000,"flow_src_last_pkt_time":1657223740412000,"flow_dst_last_pkt_time":1657223740422000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":1026,"flow_src_tot_l4_payload_len":213,"flow_dst_tot_l4_payload_len":7273,"midstream":0,"thread_ts_usec":1657223840043000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"35.214.238.161","src_port":64837,"dst_port":50001,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00980{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":7,"flow_first_seen":1657223779896000,"flow_src_last_pkt_time":1657223780038000,"flow_dst_last_pkt_time":1657223780046000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":253,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1494,"flow_dst_tot_l4_payload_len":1487,"midstream":0,"thread_ts_usec":1657223840043000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":55085,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00978{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":8,"flow_first_seen":1657223719868000,"flow_src_last_pkt_time":1657223720042000,"flow_dst_last_pkt_time":1657223720058000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":319,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":777,"flow_dst_tot_l4_payload_len":1768,"midstream":0,"thread_ts_usec":1657223840043000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":57955,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} -00986{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":11,"flow_first_seen":1657223740296000,"flow_src_last_pkt_time":1657223740412000,"flow_dst_last_pkt_time":1657223740422000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":1026,"flow_src_tot_l4_payload_len":213,"flow_dst_tot_l4_payload_len":7273,"midstream":0,"thread_ts_usec":1657223840043000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"35.214.238.161","src_port":64837,"dst_port":50001,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1657223899895000,"flow_src_last_pkt_time":1657223899895000,"flow_dst_last_pkt_time":1657223899895000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1657223899895000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":50199,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00611{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":80,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":12,"flow_packet_id":1,"flow_src_last_pkt_time":1657223899895000,"flow_dst_last_pkt_time":1657223899895000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657223899895000,"pkt":"eJS0JASgYDjgxTWgCABFAABmqN8AAH8RyNfAqAJkQhbErcQXw1QAUhzYAAEARgAArOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5Ao="} 00612{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":81,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":12,"flow_packet_id":2,"flow_src_last_pkt_time":1657223899895000,"flow_dst_last_pkt_time":1657223899922000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657223899922000,"pkt":"YDjgxTWgeJS0JASgCABFAABmd4VAADoR\/zFCFsStwKgCZMNUxBcAUtigAAIARgAArOM4NC41OS4xMzIuMTAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxBc="} @@ -84,10 +84,10 @@ 00611{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":95,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":13,"flow_packet_id":1,"flow_src_last_pkt_time":1657223900042000,"flow_dst_last_pkt_time":1657223900042000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657223900042000,"pkt":"eJS0JASgYDjgxTWgCABFAABmlIEAAH8R3TXAqAJkQhbEreJkw1QAUoApAAEARgAArOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYmw="} 00611{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":96,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":13,"flow_packet_id":2,"flow_src_last_pkt_time":1657223900042000,"flow_dst_last_pkt_time":1657223900042000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657223900042000,"pkt":"YDjgxTWgeJS0JASgCABFAABmFLBAADoRYgdCFsStwKgCZMNU4mQAUpwGAAIARgAArOM4NC41OS4xMzIuMTAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4mQ="} 00975{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":96,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1657223900042000,"flow_src_last_pkt_time":1657223900042000,"flow_dst_last_pkt_time":1657223900042000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":74,"midstream":0,"thread_ts_usec":1657223900042000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":57956,"dst_port":50004,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative","discord": {"client_ip":"84.59.132.100"}}} +00986{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":97,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":11,"flow_first_seen":1657223740296000,"flow_src_last_pkt_time":1657223740412000,"flow_dst_last_pkt_time":1657223740422000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":1026,"flow_src_tot_l4_payload_len":213,"flow_dst_tot_l4_payload_len":7273,"midstream":0,"thread_ts_usec":1657223900042000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"35.214.238.161","src_port":64837,"dst_port":50001,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} +00980{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":97,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":7,"flow_first_seen":1657223839896000,"flow_src_last_pkt_time":1657223840035000,"flow_dst_last_pkt_time":1657223840043000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":292,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1798,"flow_dst_tot_l4_payload_len":1487,"midstream":0,"thread_ts_usec":1657223900042000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":52283,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00980{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":97,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":7,"flow_first_seen":1657223779896000,"flow_src_last_pkt_time":1657223780038000,"flow_dst_last_pkt_time":1657223780046000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":253,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1494,"flow_dst_tot_l4_payload_len":1487,"midstream":0,"thread_ts_usec":1657223900042000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":55085,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00978{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":97,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":8,"flow_first_seen":1657223719868000,"flow_src_last_pkt_time":1657223720042000,"flow_dst_last_pkt_time":1657223720058000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":319,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":777,"flow_dst_tot_l4_payload_len":1768,"midstream":0,"thread_ts_usec":1657223900042000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":57955,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} -00980{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":97,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":7,"flow_first_seen":1657223839896000,"flow_src_last_pkt_time":1657223840035000,"flow_dst_last_pkt_time":1657223840043000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":292,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1798,"flow_dst_tot_l4_payload_len":1487,"midstream":0,"thread_ts_usec":1657223900042000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":52283,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} -00986{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":97,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":11,"flow_first_seen":1657223740296000,"flow_src_last_pkt_time":1657223740412000,"flow_dst_last_pkt_time":1657223740422000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":1026,"flow_src_tot_l4_payload_len":213,"flow_dst_tot_l4_payload_len":7273,"midstream":0,"thread_ts_usec":1657223900042000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"35.214.238.161","src_port":64837,"dst_port":50001,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":97,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1657223959895000,"flow_src_last_pkt_time":1657223959895000,"flow_dst_last_pkt_time":1657223959895000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1657223959895000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":53459,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00612{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":97,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":14,"flow_packet_id":1,"flow_src_last_pkt_time":1657223959895000,"flow_dst_last_pkt_time":1657223959895000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657223959895000,"pkt":"eJS0JASgYDjgxTWgCABFAABmrgcAAH8Rw6\/AqAJkQhbErdDTw1QAUiv7AAEARgAArOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyCs="} 00611{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":98,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":14,"flow_packet_id":2,"flow_src_last_pkt_time":1657223959895000,"flow_dst_last_pkt_time":1657223959923000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657223959923000,"pkt":"YDjgxTWgeJS0JASgCABFAABmm3FAADoR20VCFsStwKgCZMNU0NMAUr8oAAIARgAArOM4NC41OS4xMzIuMTAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0NM="} @@ -95,12 +95,12 @@ 00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":99,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":14,"flow_packet_id":3,"flow_src_last_pkt_time":1657223960020000,"flow_dst_last_pkt_time":1657223959923000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":50,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":50,"pkt_l4_len":16,"thread_ts_usec":1657223960020000,"pkt":"eJS0JASgYDjgxTWgCABFAAAkrggAAH8Rw\/DAqAJkQhbErdDTw1QAEJKfEzfK\/jEAAAA="} 00535{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":100,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":14,"flow_packet_id":4,"flow_src_last_pkt_time":1657223960020000,"flow_dst_last_pkt_time":1657223960047000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":16,"thread_ts_usec":1657223960047000,"pkt":"YDjgxTWgeJS0JASgCABFAAAkm4RAADoR23RCFsStwKgCZMNU0NMAEJKfEzfK\/jEAAAAAAAAAAAAAAAAA"} 00595{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":101,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":14,"flow_packet_id":5,"flow_src_last_pkt_time":1657223961506000,"flow_dst_last_pkt_time":1657223960047000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":102,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":102,"pkt_l4_len":68,"thread_ts_usec":1657223961506000,"pkt":"eJS0JASgYDjgxTWgCABFAABYrgkAAH8Rw7vAqAJkQhbErdDTw1QARJfNgMgABgAArOPbo\/ZHdusKWfP9nXfbv2Qv5\/dJrdybNu\/EZeKQshUEjz532Au0yd3hCCRSueJ43m5PGQCA"} +00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":112,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":11,"flow_first_seen":1657223740296000,"flow_src_last_pkt_time":1657223740412000,"flow_dst_last_pkt_time":1657223740422000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":1026,"flow_src_tot_l4_payload_len":213,"flow_dst_tot_l4_payload_len":7273,"midstream":0,"thread_ts_usec":1657223961720000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"35.214.238.161","src_port":64837,"dst_port":50001,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00979{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":112,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":7,"flow_first_seen":1657223779896000,"flow_src_last_pkt_time":1657223780038000,"flow_dst_last_pkt_time":1657223780046000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":253,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1494,"flow_dst_tot_l4_payload_len":1487,"midstream":0,"thread_ts_usec":1657223961720000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":55085,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":112,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":8,"flow_first_seen":1657223719868000,"flow_src_last_pkt_time":1657223720042000,"flow_dst_last_pkt_time":1657223720058000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":319,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":777,"flow_dst_tot_l4_payload_len":1768,"midstream":0,"thread_ts_usec":1657223961720000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":57955,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} -00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":112,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":11,"flow_first_seen":1657223740296000,"flow_src_last_pkt_time":1657223740412000,"flow_dst_last_pkt_time":1657223740422000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":1026,"flow_src_tot_l4_payload_len":213,"flow_dst_tot_l4_payload_len":7273,"midstream":0,"thread_ts_usec":1657223961720000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"35.214.238.161","src_port":64837,"dst_port":50001,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} -00976{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":112,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1657223900042000,"flow_src_last_pkt_time":1657223900042000,"flow_dst_last_pkt_time":1657223900042000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":74,"midstream":0,"thread_ts_usec":1657223961720000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":57956,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00981{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":112,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":7,"flow_first_seen":1657223899895000,"flow_src_last_pkt_time":1657223900033000,"flow_dst_last_pkt_time":1657223900042000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":291,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1761,"flow_dst_tot_l4_payload_len":1487,"midstream":0,"thread_ts_usec":1657223961720000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":50199,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00981{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":112,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":7,"flow_first_seen":1657223839896000,"flow_src_last_pkt_time":1657223840035000,"flow_dst_last_pkt_time":1657223840043000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":292,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1798,"flow_dst_tot_l4_payload_len":1487,"midstream":0,"thread_ts_usec":1657223961720000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":52283,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} +00976{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":112,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1657223900042000,"flow_src_last_pkt_time":1657223900042000,"flow_dst_last_pkt_time":1657223900042000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":74,"midstream":0,"thread_ts_usec":1657223961720000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":57956,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":112,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1657224019895000,"flow_src_last_pkt_time":1657224019895000,"flow_dst_last_pkt_time":1657224019895000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1657224019895000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":61435,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":112,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":15,"flow_packet_id":1,"flow_src_last_pkt_time":1657224019895000,"flow_dst_last_pkt_time":1657224019895000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224019895000,"pkt":"eJS0JASgYDjgxTWgCABFAABmsi0AAH8Rv4nAqAJkQhbEre\/7w1QAUm3HAAEARgAArOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZzc="} 00614{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":113,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":15,"flow_packet_id":2,"flow_src_last_pkt_time":1657224019895000,"flow_dst_last_pkt_time":1657224019936000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224019936000,"pkt":"YDjgxTWgeJS0JASgCABFAABmu5pAADoRuxxCFsStwKgCZMNU7\/sAUoDYAAIARgAArOM4NC41OS4xMzIuMTAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7\/s="} @@ -109,9 +109,9 @@ 00922{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":115,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":15,"flow_packet_id":4,"flow_src_last_pkt_time":1657224019976000,"flow_dst_last_pkt_time":1657224019936000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":340,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":340,"pkt_l4_len":306,"thread_ts_usec":1657224019976000,"pkt":"eJS0JASgYDjgxTWgCABFAAFGsjEAAH8RvqXAqAJkQhbEre\/7w1QBMqstkHgwEjjizKMAAKzjvt4AAUxixBfgDPmps\/YOInWSZ71mVfG2AO0k7IVJKmqUlsY3fFePps0kaz+FD+NI0E2RR9PgOGp8YrveWMbvPi9XlCZ0uQl3Q+\/\/FRuhk6yrzAYl1n\/7N4tSYvVV+RYeNTOYIPmW9RCtxazSlf46k0tkO5kiIueeV0flqpQGezV+oaDEKaRJbqPEkkuyNIeCMttrd3t+TA65yODib4rVSthqYc8SG9krrtLEDGVE1wfVhNDPlr4Kbne5qC8lKooghRWpR5XbXYD9AQ8\/ZiYd0iT7qeWsq+nmXsSXukN0BkHsWJFogjhSzarYljBVD9wI5zKh\/zRkCQcLIFtX5\/k\/21WuwNH3QL0LNeB01VxJGcJlsk7IXDJ8tJdrax0AgA=="} 00904{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":116,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":15,"flow_packet_id":5,"flow_src_last_pkt_time":1657224019994000,"flow_dst_last_pkt_time":1657224019936000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":325,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":325,"pkt_l4_len":291,"thread_ts_usec":1657224019994000,"pkt":"eJS0JASgYDjgxTWgCABFAAE3sjIAAH8RvrPAqAJkQhbEre\/7w1QBI5YwkHgwEzji0GMAAKzjvt4AAYgbKo08tKsJcNLhMdLzawkzlFWu9cCVi5VJS09P8Oj0FnLjIsIc5ggs4GwB12+eWDC4oS0h9fGVB\/Kok3x7ruS2CcrqpAB\/zfojmM4PUj38NBvTytIAhcxZJ5x87brfl\/ksEaIR0RNGuTl5yIgm1161z4DGr+JjgpmGY6rK9jR5fTz88vpMBYTxZ8EWL1vcbZPZIe46HU8ckA8dcRbVrmg\/nvus0+BvN3vqngdCOVjpUfqGSO+mEAqRkY9WVhrd5o0\/bQFk4gHSU\/7\/\/mcgMF9VrN8gmbIv3tvrt964qW5JBiPW1qN0Ogb9EFWNIIkorK\/2SHomGznBvezxvQ3IV03\/JnnmBB4MbB0AgA=="} 00979{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":127,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":7,"flow_first_seen":1657223839896000,"flow_src_last_pkt_time":1657223840035000,"flow_dst_last_pkt_time":1657223840043000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":292,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1798,"flow_dst_tot_l4_payload_len":1487,"midstream":0,"thread_ts_usec":1657224020155000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":52283,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} +00981{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":127,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":7,"flow_first_seen":1657223899895000,"flow_src_last_pkt_time":1657223900033000,"flow_dst_last_pkt_time":1657223900042000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":291,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1761,"flow_dst_tot_l4_payload_len":1487,"midstream":0,"thread_ts_usec":1657224020155000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":50199,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00980{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":127,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657223959895000,"flow_src_last_pkt_time":1657223961506000,"flow_dst_last_pkt_time":1657223961720000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":2892,"midstream":0,"thread_ts_usec":1657224020155000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":53459,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00976{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":127,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1657223900042000,"flow_src_last_pkt_time":1657223900042000,"flow_dst_last_pkt_time":1657223900042000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":74,"midstream":0,"thread_ts_usec":1657224020155000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":57956,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} -00981{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":127,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":7,"flow_first_seen":1657223899895000,"flow_src_last_pkt_time":1657223900033000,"flow_dst_last_pkt_time":1657223900042000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":291,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1761,"flow_dst_tot_l4_payload_len":1487,"midstream":0,"thread_ts_usec":1657224020155000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":50199,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":127,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1657224079896000,"flow_src_last_pkt_time":1657224079896000,"flow_dst_last_pkt_time":1657224079896000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1657224079896000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":58322,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":127,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":16,"flow_packet_id":1,"flow_src_last_pkt_time":1657224079896000,"flow_dst_last_pkt_time":1657224079896000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224079896000,"pkt":"eJS0JASgYDjgxTWgCABFAABmtucAAH8Rus\/AqAJkQhbErePSw1QAUmYKAAEARgAArOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAex0="} 00612{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":128,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":16,"flow_packet_id":2,"flow_src_last_pkt_time":1657224079896000,"flow_dst_last_pkt_time":1657224079936000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224079936000,"pkt":"YDjgxTWgeJS0JASgCABFAABm3GVAADoRmlFCFsStwKgCZMNU49IAUpkqAAIARgAArOM4NC41OS4xMzIuMTAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA49I="} @@ -119,10 +119,10 @@ 00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":129,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":16,"flow_packet_id":3,"flow_src_last_pkt_time":1657224080036000,"flow_dst_last_pkt_time":1657224079936000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":50,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":50,"pkt_l4_len":16,"thread_ts_usec":1657224080036000,"pkt":"eJS0JASgYDjgxTWgCABFAAAktugAAH8RuxDAqAJkQhbErePSw1QAEGegEzfK\/kkAAAA="} 00535{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":130,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":16,"flow_packet_id":4,"flow_src_last_pkt_time":1657224080036000,"flow_dst_last_pkt_time":1657224080081000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":16,"thread_ts_usec":1657224080081000,"pkt":"YDjgxTWgeJS0JASgCABFAAAk3H5AADoRmnpCFsStwKgCZMNU49IAEGegEzfK\/kkAAAAAAAAAAAAAAAAA"} 00710{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":131,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":16,"flow_packet_id":5,"flow_src_last_pkt_time":1657224081710000,"flow_dst_last_pkt_time":1657224080081000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":186,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":186,"pkt_l4_len":152,"thread_ts_usec":1657224081710000,"pkt":"eJS0JASgYDjgxTWgCABFAACstukAAH8RuofAqAJkQhbErePSw1QAmHiNkHg0ljkQBOMAAKzjvt4AAbNlIkU9heCh0A\/lh\/uvpfog41ZWbToGs9oksOnQYr5rSkiJWpVXRH\/nhDTqqKI4p\/bxQXPUB45+uK65pptOSgCAZXM8u6+DnmVHKdpANZY2PsUaQY9xcyJw7t6RgN\/I3U2XwjdS59APWxmGqGA99G9BGjZHo23e7at9BzEVIgCA"} -00974{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1657223900042000,"flow_src_last_pkt_time":1657223900042000,"flow_dst_last_pkt_time":1657223900042000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":74,"midstream":0,"thread_ts_usec":1657224081830000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":57956,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00979{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":7,"flow_first_seen":1657223899895000,"flow_src_last_pkt_time":1657223900033000,"flow_dst_last_pkt_time":1657223900042000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":291,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1761,"flow_dst_tot_l4_payload_len":1487,"midstream":0,"thread_ts_usec":1657224081830000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":50199,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} -00979{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":2,"flow_first_seen":1657224019895000,"flow_src_last_pkt_time":1657224020155000,"flow_dst_last_pkt_time":1657224020074000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":298,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":3221,"flow_dst_tot_l4_payload_len":82,"midstream":0,"thread_ts_usec":1657224081830000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":61435,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} +00974{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1657223900042000,"flow_src_last_pkt_time":1657223900042000,"flow_dst_last_pkt_time":1657223900042000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":74,"midstream":0,"thread_ts_usec":1657224081830000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":57956,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00980{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657223959895000,"flow_src_last_pkt_time":1657223961506000,"flow_dst_last_pkt_time":1657223961720000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":2892,"midstream":0,"thread_ts_usec":1657224081830000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":53459,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} +00979{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":2,"flow_first_seen":1657224019895000,"flow_src_last_pkt_time":1657224020155000,"flow_dst_last_pkt_time":1657224020074000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":298,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":3221,"flow_dst_tot_l4_payload_len":82,"midstream":0,"thread_ts_usec":1657224081830000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":61435,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1657224139897000,"flow_src_last_pkt_time":1657224139897000,"flow_dst_last_pkt_time":1657224139897000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1657224139897000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":61392,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":142,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":17,"flow_packet_id":1,"flow_src_last_pkt_time":1657224139897000,"flow_dst_last_pkt_time":1657224139897000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224139897000,"pkt":"eJS0JASgYDjgxTWgCABFAABmvHgAAH8RtT7AqAJkQhbEre\/Qw1QAUkQDAAEARgAArOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkSY="} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":143,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":17,"flow_packet_id":2,"flow_src_last_pkt_time":1657224139897000,"flow_dst_last_pkt_time":1657224139947000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224139947000,"pkt":"YDjgxTWgeJS0JASgCABFAABm\/t9AADoRd9dCFsStwKgCZMNU79AAUoEuAAIARgAArOM4NC41OS4xMzIuMTAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA79A="} @@ -130,9 +130,9 @@ 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":144,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":17,"flow_packet_id":3,"flow_src_last_pkt_time":1657224140043000,"flow_dst_last_pkt_time":1657224139947000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":50,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":50,"pkt_l4_len":16,"thread_ts_usec":1657224140043000,"pkt":"eJS0JASgYDjgxTWgCABFAAAkvHkAAH8RtX\/AqAJkQhbEre\/Qw1QAEE+iEzfK\/lUAAAA="} 00537{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":145,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":17,"flow_packet_id":4,"flow_src_last_pkt_time":1657224140043000,"flow_dst_last_pkt_time":1657224140091000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":16,"thread_ts_usec":1657224140091000,"pkt":"YDjgxTWgeJS0JASgCABFAAAk\/vxAADoRd\/xCFsStwKgCZMNU79AAEE+iEzfK\/lUAAAAAAAAAAAAAAAAA"} 00594{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":146,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":17,"flow_packet_id":5,"flow_src_last_pkt_time":1657224140295000,"flow_dst_last_pkt_time":1657224140091000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":102,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":102,"pkt_l4_len":68,"thread_ts_usec":1657224140295000,"pkt":"eJS0JASgYDjgxTWgCABFAABYvHoAAH8RtUrAqAJkQhbEre\/Qw1QARJDNgMgABgAArOM7glbqt2FPBe0101w3YxghXVUCfKN0uSrSe1KIbnZrRwM+1\/lYAVlNJiu1hz5rH4eZJwCA"} -00979{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":2,"flow_first_seen":1657224019895000,"flow_src_last_pkt_time":1657224020155000,"flow_dst_last_pkt_time":1657224020074000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":298,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":3221,"flow_dst_tot_l4_payload_len":82,"midstream":0,"thread_ts_usec":1657224140441000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":61435,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00980{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657223959895000,"flow_src_last_pkt_time":1657223961506000,"flow_dst_last_pkt_time":1657223961720000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":2892,"midstream":0,"thread_ts_usec":1657224140441000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":53459,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00981{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":6,"flow_first_seen":1657224079896000,"flow_src_last_pkt_time":1657224081830000,"flow_dst_last_pkt_time":1657224081824000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":289,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1564,"flow_dst_tot_l4_payload_len":1206,"midstream":0,"thread_ts_usec":1657224140441000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":58322,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} +00979{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":2,"flow_first_seen":1657224019895000,"flow_src_last_pkt_time":1657224020155000,"flow_dst_last_pkt_time":1657224020074000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":298,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":3221,"flow_dst_tot_l4_payload_len":82,"midstream":0,"thread_ts_usec":1657224140441000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":61435,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1657224199898000,"flow_src_last_pkt_time":1657224199898000,"flow_dst_last_pkt_time":1657224199898000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1657224199898000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":63362,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00612{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":18,"flow_packet_id":1,"flow_src_last_pkt_time":1657224199898000,"flow_dst_last_pkt_time":1657224199898000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224199898000,"pkt":"eJS0JASgYDjgxTWgCABFAABmvlkAAH8Rs13AqAJkQhbErfeCw1QAUtaNAAEARgAArOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9uk="} 00612{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":18,"flow_packet_id":2,"flow_src_last_pkt_time":1657224199898000,"flow_dst_last_pkt_time":1657224199946000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224199946000,"pkt":"YDjgxTWgeJS0JASgCABFAABmIQdAADoRVbBCFsStwKgCZMNU94IAUnHKAAIARgAArOM4NC41OS4xMzIuMTAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA94I="} @@ -141,9 +141,9 @@ 00911{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":160,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":18,"flow_packet_id":4,"flow_src_last_pkt_time":1657224199975000,"flow_dst_last_pkt_time":1657224199946000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":334,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":334,"pkt_l4_len":300,"thread_ts_usec":1657224199975000,"pkt":"eJS0JASgYDjgxTWgCABFAAFAvl0AAH8Rsn\/AqAJkQhbErfeCw1QBLJfJkHg7qjlmoqMAAKzjvt4AAceewSie2gxA3MdVo6uwcrGu6qdwzCLodZlnAFbY1EKTStIxNTZtvn6k8tTBetyP7YB12ywEr5O7upryF1VuUpjAgNqYyGTM8M3T7EUzo5fFUiQff2vpMrGxD6Ky1nN2gPXkfynh0\/b5cYrq91mmqyW+C8aAzcnLdyerXP0LTS4HHiAk6yX1aSOHyoT2hu4fhjxA4zDBwE7EJPAgO4wtn3m+OENnLoKo0Wa5tVlU6JtNjFq1oYmZN7rRodkEWDhxcHrU\/5zvWR8mtoZ5DscFcmTp\/hGfGk0xSfFsdQvZPB1TUpvCVq6EIdspOz0EkJAiaxs64d0PjQIeuVcql\/vOKhMgyYz2EjEJGvtDNX\/9hMANcCkAgA=="} 00911{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":18,"flow_packet_id":5,"flow_src_last_pkt_time":1657224199993000,"flow_dst_last_pkt_time":1657224199946000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":334,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":334,"pkt_l4_len":300,"thread_ts_usec":1657224199993000,"pkt":"eJS0JASgYDjgxTWgCABFAAFAvl4AAH8Rsn7AqAJkQhbErfeCw1QBLMP8kHg7qzlmpmMAAKzjvt4AAQsGx9gHzwbjMrPMeUTaSasGQGWgehh7agYHmOVGE0x3zlthneGJlFiWezrRQegL80KSGQYrvdAevVH6+8HCXgvTlVyZOJceI1ROY66qVlysR10xal6eJfVxyxCzmmc2Mn2XdA\/pybWv25alto8\/Lk9nQW042A4NKJBceEWMPrfCesU+FyMLP53P6GuUs9c5NkflVjRi278T55Jt8hJo1dr1EPWYDSK9zjrpDaW8ps\/MVnYRJI28XwFlu72VjAFUdXumVk0IOZouHEC0zm1bFkLkcOFMcGqnKhCZ\/W85EI7zKqleuyDt96dsa0B\/GHRplmyl9uPgVtckFS7bWCQnzZ\/BL6CYCs7QtxED+mXpiSavcSkAgA=="} 00978{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657223959895000,"flow_src_last_pkt_time":1657223961506000,"flow_dst_last_pkt_time":1657223961720000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":2892,"midstream":0,"thread_ts_usec":1657224200131000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":53459,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} +00981{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":6,"flow_first_seen":1657224079896000,"flow_src_last_pkt_time":1657224081830000,"flow_dst_last_pkt_time":1657224081824000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":289,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1564,"flow_dst_tot_l4_payload_len":1206,"midstream":0,"thread_ts_usec":1657224200131000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":58322,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00980{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657224139897000,"flow_src_last_pkt_time":1657224140295000,"flow_dst_last_pkt_time":1657224140441000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":2892,"midstream":0,"thread_ts_usec":1657224200131000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":61392,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00979{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":2,"flow_first_seen":1657224019895000,"flow_src_last_pkt_time":1657224020155000,"flow_dst_last_pkt_time":1657224020074000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":298,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":3221,"flow_dst_tot_l4_payload_len":82,"midstream":0,"thread_ts_usec":1657224200131000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":61435,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} -00981{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":6,"flow_first_seen":1657224079896000,"flow_src_last_pkt_time":1657224081830000,"flow_dst_last_pkt_time":1657224081824000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":289,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1564,"flow_dst_tot_l4_payload_len":1206,"midstream":0,"thread_ts_usec":1657224200131000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":58322,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1657224259898000,"flow_src_last_pkt_time":1657224259898000,"flow_dst_last_pkt_time":1657224259898000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1657224259898000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":50335,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00612{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":19,"flow_packet_id":1,"flow_src_last_pkt_time":1657224259898000,"flow_dst_last_pkt_time":1657224259898000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224259898000,"pkt":"eJS0JASgYDjgxTWgCABFAABmxEMAAH8RrXPAqAJkQhbErcSfw1QAUhj9AAEARgAArOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA510="} 00612{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":173,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":19,"flow_packet_id":2,"flow_src_last_pkt_time":1657224259898000,"flow_dst_last_pkt_time":1657224259946000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224259946000,"pkt":"YDjgxTWgeJS0JASgCABFAABmRclAADoRMO5CFsStwKgCZMNUxJ8AUteQAAIARgAArOM4NC41OS4xMzIuMTAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxJ8="} @@ -152,9 +152,9 @@ 00535{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":19,"flow_packet_id":4,"flow_src_last_pkt_time":1657224260063000,"flow_dst_last_pkt_time":1657224260106000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":16,"thread_ts_usec":1657224260106000,"pkt":"YDjgxTWgeJS0JASgCABFAAAkReRAADoRMRVCFsStwKgCZMNUxJ8AEGLTEzfK\/m0AAAAAAAAAAAAAAAAA"} 00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":19,"flow_packet_id":5,"flow_src_last_pkt_time":1657224260238000,"flow_dst_last_pkt_time":1657224260106000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":1657224260238000,"pkt":"eJS0JASgYDjgxTWgCABFAAA4xEUAAH8RrZ\/AqAJkQhbErcSfw1QAJAuJgMkAAQAArOOCFblxsrx9Qw3Y5nTxz9hWSi8AgA=="} 00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":2,"flow_first_seen":1657224019895000,"flow_src_last_pkt_time":1657224020155000,"flow_dst_last_pkt_time":1657224020074000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":298,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":3221,"flow_dst_tot_l4_payload_len":82,"midstream":0,"thread_ts_usec":1657224260473000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":61435,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} -00981{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1657224199898000,"flow_src_last_pkt_time":1657224200131000,"flow_dst_last_pkt_time":1657224200128000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":298,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":2845,"flow_dst_tot_l4_payload_len":363,"midstream":0,"thread_ts_usec":1657224260473000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":63362,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} -00980{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657224139897000,"flow_src_last_pkt_time":1657224140295000,"flow_dst_last_pkt_time":1657224140441000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":2892,"midstream":0,"thread_ts_usec":1657224260473000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":61392,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00981{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":6,"flow_first_seen":1657224079896000,"flow_src_last_pkt_time":1657224081830000,"flow_dst_last_pkt_time":1657224081824000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":289,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1564,"flow_dst_tot_l4_payload_len":1206,"midstream":0,"thread_ts_usec":1657224260473000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":58322,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} +00980{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657224139897000,"flow_src_last_pkt_time":1657224140295000,"flow_dst_last_pkt_time":1657224140441000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":2892,"midstream":0,"thread_ts_usec":1657224260473000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":61392,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} +00981{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1657224199898000,"flow_src_last_pkt_time":1657224200131000,"flow_dst_last_pkt_time":1657224200128000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":298,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":2845,"flow_dst_tot_l4_payload_len":363,"midstream":0,"thread_ts_usec":1657224260473000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":63362,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00849{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":187,"packets-processed":186,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":41446,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":19,"total-detection-updates":2,"total-updates":25,"current-active-flows":4,"total-active-flows":19,"total-idle-flows":15,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":158,"global_ts_usec":1657224319898000} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1657224319898000,"flow_src_last_pkt_time":1657224319898000,"flow_dst_last_pkt_time":1657224319898000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1657224319898000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":62379,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00612{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":20,"flow_packet_id":1,"flow_src_last_pkt_time":1657224319898000,"flow_dst_last_pkt_time":1657224319898000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224319898000,"pkt":"eJS0JASgYDjgxTWgCABFAABmywMAAH8RprPAqAJkQhbErfOrw1QAUprMAAEARgAArOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANoI="} @@ -163,10 +163,10 @@ 00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":189,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":20,"flow_packet_id":3,"flow_src_last_pkt_time":1657224320071000,"flow_dst_last_pkt_time":1657224319945000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":50,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":50,"pkt_l4_len":16,"thread_ts_usec":1657224320071000,"pkt":"eJS0JASgYDjgxTWgCABFAAAkywQAAH8RpvTAqAJkQhbErfOrw1QAECfHEzfK\/nkAAAA="} 00535{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":190,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":20,"flow_packet_id":4,"flow_src_last_pkt_time":1657224320071000,"flow_dst_last_pkt_time":1657224320114000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":16,"thread_ts_usec":1657224320114000,"pkt":"YDjgxTWgeJS0JASgCABFAAAkaINAADoRDnZCFsStwKgCZMNU86sAECfHEzfK\/nkAAAAAAAAAAAAAAAAA"} 00710{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":191,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":20,"flow_packet_id":5,"flow_src_last_pkt_time":1657224321014000,"flow_dst_last_pkt_time":1657224320114000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":185,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":185,"pkt_l4_len":151,"thread_ts_usec":1657224321014000,"pkt":"eJS0JASgYDjgxTWgCABFAACrywUAAH8RpmzAqAJkQhbErfOrw1QAl\/GgkHhH6jm\/SaMAAKzjvt4AAYIFQ+7m1PmMZPoFw2ROwy2Ci8lDxvGvfyHJ9r42N\/0y0E0dP27aFY8Kr74BDlT2kI7xfehUGJWHYT4zjfE+GgXNj91VSiS03EC6teqFj1sz0\/kuxYiAiERKxXeSll+xfahsallKI7TBmWpPsZc4zpc5KXJmRObr2hMAA\/01AIA="} -00978{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":202,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657224139897000,"flow_src_last_pkt_time":1657224140295000,"flow_dst_last_pkt_time":1657224140441000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":2892,"midstream":0,"thread_ts_usec":1657224321140000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":61392,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00979{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":202,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":6,"flow_first_seen":1657224079896000,"flow_src_last_pkt_time":1657224081830000,"flow_dst_last_pkt_time":1657224081824000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":289,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1564,"flow_dst_tot_l4_payload_len":1206,"midstream":0,"thread_ts_usec":1657224321140000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":58322,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} -00981{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":202,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1657224199898000,"flow_src_last_pkt_time":1657224200131000,"flow_dst_last_pkt_time":1657224200128000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":298,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":2845,"flow_dst_tot_l4_payload_len":363,"midstream":0,"thread_ts_usec":1657224321140000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":63362,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} +00978{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":202,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657224139897000,"flow_src_last_pkt_time":1657224140295000,"flow_dst_last_pkt_time":1657224140441000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":2892,"midstream":0,"thread_ts_usec":1657224321140000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":61392,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00980{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":202,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657224259898000,"flow_src_last_pkt_time":1657224260238000,"flow_dst_last_pkt_time":1657224260473000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":110,"flow_dst_tot_l4_payload_len":2892,"midstream":0,"thread_ts_usec":1657224321140000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":50335,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} +00981{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":202,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1657224199898000,"flow_src_last_pkt_time":1657224200131000,"flow_dst_last_pkt_time":1657224200128000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":298,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":2845,"flow_dst_tot_l4_payload_len":363,"midstream":0,"thread_ts_usec":1657224321140000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":63362,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":202,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1657224379899000,"flow_src_last_pkt_time":1657224379899000,"flow_dst_last_pkt_time":1657224379899000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1657224379899000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":62844,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00612{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":202,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":1,"flow_src_last_pkt_time":1657224379899000,"flow_dst_last_pkt_time":1657224379899000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224379899000,"pkt":"eJS0JASgYDjgxTWgCABFAABmzYMAAH8RpDPAqAJkQhbErfV8w1QAUt1FAAEARgAArOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8jc="} 00612{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":203,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":2,"flow_src_last_pkt_time":1657224379899000,"flow_dst_last_pkt_time":1657224379944000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224379944000,"pkt":"YDjgxTWgeJS0JASgCABFAABmi8xAADoR6upCFsStwKgCZMNU9XwAUnXWAAIARgAArOM4NC41OS4xMzIuMTAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Xw="} @@ -175,8 +175,8 @@ 00571{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":205,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":4,"flow_src_last_pkt_time":1657224379972000,"flow_dst_last_pkt_time":1657224379944000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":85,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":85,"pkt_l4_len":51,"thread_ts_usec":1657224379972000,"pkt":"eJS0JASgYDjgxTWgCABFAABHzYcAAH8RpE7AqAJkQhbErfV8w1QAMwWUkHhKPjnqeKMAAKzjvt4AAWvyp+wTlqjpCJwWcqG\/utfNAgvPLwByczgAgA=="} 00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":206,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":5,"flow_src_last_pkt_time":1657224379972000,"flow_dst_last_pkt_time":1657224379989000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":85,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":85,"pkt_l4_len":51,"thread_ts_usec":1657224379989000,"pkt":"YDjgxTWgeJS0JASgCABFAABHi9NAADoR6wJCFsStwKgCZMNU9XwAM223kHg1CbfJARsAAKE5vt4AAa\/PBJZPl5cFN\/vgWJbkMhshngUuull4MlsAAA=="} 00979{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":3,"flow_first_seen":1657224199898000,"flow_src_last_pkt_time":1657224200131000,"flow_dst_last_pkt_time":1657224200128000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":298,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":2845,"flow_dst_tot_l4_payload_len":363,"midstream":0,"thread_ts_usec":1657224380154000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":63362,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} -00981{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":6,"flow_first_seen":1657224319898000,"flow_src_last_pkt_time":1657224321133000,"flow_dst_last_pkt_time":1657224321140000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":288,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1793,"flow_dst_tot_l4_payload_len":1206,"midstream":0,"thread_ts_usec":1657224380154000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":62379,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00980{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657224259898000,"flow_src_last_pkt_time":1657224260238000,"flow_dst_last_pkt_time":1657224260473000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":110,"flow_dst_tot_l4_payload_len":2892,"midstream":0,"thread_ts_usec":1657224380154000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":50335,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} +00981{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":6,"flow_first_seen":1657224319898000,"flow_src_last_pkt_time":1657224321133000,"flow_dst_last_pkt_time":1657224321140000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":288,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1793,"flow_dst_tot_l4_payload_len":1206,"midstream":0,"thread_ts_usec":1657224380154000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":62379,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1657224439898000,"flow_src_last_pkt_time":1657224439898000,"flow_dst_last_pkt_time":1657224439898000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1657224439898000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":59891,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00612{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":22,"flow_packet_id":1,"flow_src_last_pkt_time":1657224439898000,"flow_dst_last_pkt_time":1657224439898000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224439898000,"pkt":"eJS0JASgYDjgxTWgCABFAABm06kAAH8Rng3AqAJkQhbErenzw1QAUiZTAAEARgAArOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtLM="} 00612{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":218,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":22,"flow_packet_id":2,"flow_src_last_pkt_time":1657224439898000,"flow_dst_last_pkt_time":1657224439926000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224439926000,"pkt":"YDjgxTWgeJS0JASgCABFAABmrEpAADoRymxCFsStwKgCZMNU6fMAUozoAAIARgAArOM4NC41OS4xMzIuMTAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6fM="} @@ -236,9 +236,9 @@ 00910{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":294,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":27,"flow_packet_id":3,"flow_src_last_pkt_time":1657224739932000,"flow_dst_last_pkt_time":1657224739929000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":339,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":339,"pkt_l4_len":305,"thread_ts_usec":1657224739932000,"pkt":"eJS0JASgYDjgxTWgCABFAAFF8hIAAH8RfsXAqAJkQhbErfmVw1QBMWXykHhtpDryHSMAAKzjvt4AAedsmC5lwsnrXN6vYwrYaOrXP3wTRA0u2YVmnyvJOHEA9wM+g04rb2mKlrk7qh960eRvUUGAKxWMdigIxgEOu9rYx0ArfWH0ZjUAnHtcbS0bEv2bZVfAufpGWcO6IsGN27YtkN95RP73BgLFqpz3DmiVs52rK4+yVQev1THLNBijkgwv2+gOzN3qhAuCM+fzveauFHKdNSdmKTWGDEMpOdXZuzNtIG+BF45e8u6Lz7AJGkoeKvk+BJNljddJaORcOYMbW0OUi4OCxD8EdsQWIC8\/UAK+HQHMbrLb36XxRxYBVUswrssmcO08c+ruZJDCkZxxUnhAADZBeFP7lw+KF5YKZ+gjVs06o16+PPLUAm00mnAvhomwXACA"} 00896{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":295,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":27,"flow_packet_id":4,"flow_src_last_pkt_time":1657224739950000,"flow_dst_last_pkt_time":1657224739929000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":326,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":326,"pkt_l4_len":292,"thread_ts_usec":1657224739950000,"pkt":"eJS0JASgYDjgxTWgCABFAAE48hMAAH8RftHAqAJkQhbErfmVw1QBJHTokHhtpTryIOMAAKzjvt4AAZkbx2rcD0XRP1RmZXxY4N6RNoUjR6Bdzw+wbPErFmvp5J5Q7xZplLN8TpPdtz5Jn7IqqzDpTj0F406\/8P829KYyU7iV6unECUNEXCRBQRpcBz9BZ\/Zl3l3SB70XSEek7JGN6r+Ltfuq4daB2YhxIsq7MIa0VQcTRyJVg7YLF0ueXYI25nED3CzvL0V0gQDnghL8+1WPOzKhOJA5jn5WG97p6OzbdfYbDzyc82nWuS6gRAnWq0RIjcvXvIQpEZniCDPpb1XF7xUbee7L4BMLW\/h6fxnjZqdp3sGmtnA151UhQj54r2b2OwXgjpqImZtwF7qlr04xg+i8ARM2A5piyXHVfaaIQMizdrFcAIA="} 00915{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":296,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":27,"flow_packet_id":5,"flow_src_last_pkt_time":1657224739967000,"flow_dst_last_pkt_time":1657224739929000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":331,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":331,"pkt_l4_len":297,"thread_ts_usec":1657224739967000,"pkt":"eJS0JASgYDjgxTWgCABFAAE98hQAAH8RfsvAqAJkQhbErfmVw1QBKbuikHhtpjryJKMAAKzjvt4AAeBlvJ4xKlvrmg\/k3K6DlpkO\/qTdI0mon9QYLVbK7\/vwtVstx76bSzANb62Zquvm9T7BlD6YmpUUb3tiQU\/i+Xt8kRYKAK9Kyzem\/4szb9HvP0LQKEBHPo2wQ\/wHEUzE5HHA\/WXohsjRSjqymZ\/eSlV4PrkQWEUSh7MYv8UIeZeB6E8kE7TW+mEdsrMgRhGgRf5NSWnoMm1K\/Hwk90NuMWp4lELyxj+\/PBztWMRwj7l5m1zpJfJKrzNGkDdoqLY75aT\/2Sq4m3Q6Fb4ORMN\/hNyyoKUlyymiC\/Hb7JOaIrA5qNEtpb9IVEsmp7WKammeCGj5KTD\/kgDASlvW9T8NWyQFiXL0qptIh78tlBu3slwAgA=="} -00979{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":2,"flow_first_seen":1657224679899000,"flow_src_last_pkt_time":1657224680269000,"flow_dst_last_pkt_time":1657224680139000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":293,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":2527,"flow_dst_tot_l4_payload_len":82,"midstream":0,"thread_ts_usec":1657224740128000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":61060,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00979{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":2,"flow_first_seen":1657224619899000,"flow_src_last_pkt_time":1657224620131000,"flow_dst_last_pkt_time":1657224620135000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":302,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":3194,"flow_dst_tot_l4_payload_len":82,"midstream":0,"thread_ts_usec":1657224740128000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":55432,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00980{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657224559899000,"flow_src_last_pkt_time":1657224561364000,"flow_dst_last_pkt_time":1657224562254000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":475,"flow_src_tot_l4_payload_len":134,"flow_dst_tot_l4_payload_len":2189,"midstream":0,"thread_ts_usec":1657224740128000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":57764,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} +00979{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":2,"flow_first_seen":1657224679899000,"flow_src_last_pkt_time":1657224680269000,"flow_dst_last_pkt_time":1657224680139000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":293,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":2527,"flow_dst_tot_l4_payload_len":82,"midstream":0,"thread_ts_usec":1657224740128000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":61060,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1657224799899000,"flow_src_last_pkt_time":1657224799899000,"flow_dst_last_pkt_time":1657224799899000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1657224799899000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":52323,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":1,"flow_src_last_pkt_time":1657224799899000,"flow_dst_last_pkt_time":1657224799899000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224799899000,"pkt":"eJS0JASgYDjgxTWgCABFAABm9ZcAAH8RfB\/AqAJkQhbErcxjw1QAUgxQAAEARgAArOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7EY="} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":308,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":2,"flow_src_last_pkt_time":1657224799899000,"flow_dst_last_pkt_time":1657224799933000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224799933000,"pkt":"YDjgxTWgeJS0JASgCABFAABmdv1AADoR\/7lCFsStwKgCZMNUzGMAUsgIAAIARgAArOM4NC41OS4xMzIuMTAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzGM="} @@ -258,8 +258,8 @@ 00535{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":325,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":4,"flow_src_last_pkt_time":1657224860136000,"flow_dst_last_pkt_time":1657224860163000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":16,"thread_ts_usec":1657224860163000,"pkt":"YDjgxTWgeJS0JASgCABFAAAkmiJAADoR3NZCFsStwKgCZMNU5YEAEMnwEzfK\/uUAAAAAAAAAAAAAAAAA"} 00701{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":326,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":5,"flow_src_last_pkt_time":1657224860508000,"flow_dst_last_pkt_time":1657224860163000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":179,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":179,"pkt_l4_len":145,"thread_ts_usec":1657224860508000,"pkt":"eJS0JASgYDjgxTWgCABFAACl98YAAH8RebHAqAJkQhbEreWBw1QAkedMkHhy+TtKbeMAAKzjvt4AAX3FBeu\/\/BRS8enjZzUWHd7QnF4aymKB2k0ggFTZ7FXFNbiPaAISEndEm6LKGifCNOfWOeJ\/nIWEutep+FVZ0MrBaW+w7Dz+zLfnnRTfLVdObhgrqVA8v5pXp+xw\/ywixDnOW6COMlNPZhonRShsaN1JIqOVKUliAIA="} 00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":2,"flow_first_seen":1657224679899000,"flow_src_last_pkt_time":1657224680269000,"flow_dst_last_pkt_time":1657224680139000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":293,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":2527,"flow_dst_tot_l4_payload_len":82,"midstream":0,"thread_ts_usec":1657224860617000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":61060,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} -00979{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":1,"flow_first_seen":1657224739899000,"flow_src_last_pkt_time":1657224740128000,"flow_dst_last_pkt_time":1657224739929000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":299,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":3296,"flow_dst_tot_l4_payload_len":74,"midstream":0,"thread_ts_usec":1657224860617000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":63893,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00980{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657224799899000,"flow_src_last_pkt_time":1657224800581000,"flow_dst_last_pkt_time":1657224800795000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":301,"flow_src_tot_l4_payload_len":134,"flow_dst_tot_l4_payload_len":2902,"midstream":0,"thread_ts_usec":1657224860617000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":52323,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} +00979{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":1,"flow_first_seen":1657224739899000,"flow_src_last_pkt_time":1657224740128000,"flow_dst_last_pkt_time":1657224739929000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":299,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":3296,"flow_dst_tot_l4_payload_len":74,"midstream":0,"thread_ts_usec":1657224860617000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":63893,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00849{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":337,"packets-processed":336,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":67619,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":29,"total-detection-updates":2,"total-updates":48,"current-active-flows":3,"total-active-flows":29,"total-idle-flows":26,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":263,"global_ts_usec":1657224919900000} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1657224919900000,"flow_src_last_pkt_time":1657224919900000,"flow_dst_last_pkt_time":1657224919900000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1657224919900000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":65053,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00612{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":1,"flow_src_last_pkt_time":1657224919900000,"flow_dst_last_pkt_time":1657224919900000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657224919900000,"pkt":"eJS0JASgYDjgxTWgCABFAABm+q8AAH8RdwfAqAJkQhbErf4dw1QAUjxpAAEARgAArOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAinM="} @@ -300,8 +300,8 @@ 00535{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":33,"flow_packet_id":4,"flow_src_last_pkt_time":1657225100156000,"flow_dst_last_pkt_time":1657225100181000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":16,"thread_ts_usec":1657225100181000,"pkt":"YDjgxTWgeJS0JASgCABFAAAkIt5AADoRVBtCFsStwKgCZMNU52gAEJgJEzfK\/hUBAAAAAAAAAAAAAAAA"} 00594{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":33,"flow_packet_id":5,"flow_src_last_pkt_time":1657225101391000,"flow_dst_last_pkt_time":1657225100181000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":102,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":102,"pkt_l4_len":68,"thread_ts_usec":1657225101391000,"pkt":"eJS0JASgYDjgxTWgCABFAABYBsgAAH8Rav3AqAJkQhbEredow1QARJVRgMgABgAArOMirTqAH9Jq\/lkxP6sH3JvFBPRf1eM3s0o60YEnmA+5O3bS6t98xhE83dgVj\/4YoaEXcQCA"} 00978{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657224919900000,"flow_src_last_pkt_time":1657224920293000,"flow_dst_last_pkt_time":1657224920512000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":406,"flow_src_tot_l4_payload_len":110,"flow_dst_tot_l4_payload_len":2934,"midstream":0,"thread_ts_usec":1657225101610000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":65053,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} -00980{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657225039901000,"flow_src_last_pkt_time":1657225040816000,"flow_dst_last_pkt_time":1657225041016000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":2662,"midstream":0,"thread_ts_usec":1657225101610000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":54950,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00981{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":8,"flow_first_seen":1657224979900000,"flow_src_last_pkt_time":1657224980585000,"flow_dst_last_pkt_time":1657224980595000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":276,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1122,"flow_dst_tot_l4_payload_len":1292,"midstream":0,"thread_ts_usec":1657225101610000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":49648,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} +00980{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657225039901000,"flow_src_last_pkt_time":1657225040816000,"flow_dst_last_pkt_time":1657225041016000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":2662,"midstream":0,"thread_ts_usec":1657225101610000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":54950,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1657225159904000,"flow_src_last_pkt_time":1657225159904000,"flow_dst_last_pkt_time":1657225159904000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":74,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":74,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1657225159904000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":62481,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00612{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":34,"flow_packet_id":1,"flow_src_last_pkt_time":1657225159904000,"flow_dst_last_pkt_time":1657225159904000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657225159904000,"pkt":"eJS0JASgYDjgxTWgCABFAABmDKkAAH8RZQ7AqAJkQhbErfQRw1QAUvoVAAEARgAArOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1tI="} 00612{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":34,"flow_packet_id":2,"flow_src_last_pkt_time":1657225159904000,"flow_dst_last_pkt_time":1657225159930000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":116,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":116,"pkt_l4_len":82,"thread_ts_usec":1657225159930000,"pkt":"YDjgxTWgeJS0JASgCABFAABmRMtAADoRMexCFsStwKgCZMNU9BEAUnisAAIARgAArOM4NC41OS4xMzIuMTAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9BE="} @@ -309,9 +309,9 @@ 00905{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":34,"flow_packet_id":3,"flow_src_last_pkt_time":1657225159946000,"flow_dst_last_pkt_time":1657225159930000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":328,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":328,"pkt_l4_len":294,"thread_ts_usec":1657225159946000,"pkt":"eJS0JASgYDjgxTWgCABFAAE6DKwAAH8RZDfAqAJkQhbErfQRw1QBJhEfkHiG7jwlvuMAAKzjvt4AAX\/64Uscc1KgkX9+wOVZQXRJSI+6EPofS3DoT\/POrVWtbGOE0r2gpE0F\/pHUJzkbL18rhXHua\/fp5qfCUjBkosA1B7ZR62fQMCUIICYBiqcNAv2wKfjU+u\/yZ2TulPH5eX9fg9iy9kjv2yb+dQwoLj3qUoUsxpLJhNIhZLTMtz4F+B0GaPlzaLfWlKtikh6dQAT9OcZ2yCW+unThiqZgB5rIGcTEo5\/psvWZLeI00C8Lz5GbY3OIyh+JJBdVxwx9nXB\/wA5D6Ec9fnI657modZ+9WOj4HlqPJTV+rp8UikXEQOOl5RmcQxIg7cgXyF803akRP4gKiRP+la71ccJby2s\/A9yLb1za79BS73YAgA=="} 00885{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":34,"flow_packet_id":4,"flow_src_last_pkt_time":1657225159970000,"flow_dst_last_pkt_time":1657225159930000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":317,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":317,"pkt_l4_len":283,"thread_ts_usec":1657225159970000,"pkt":"eJS0JASgYDjgxTWgCABFAAEvDK0AAH8RZEHAqAJkQhbErfQRw1QBG6rAkHiG7zwlwqMAAKzjvt4AAQU4q38yPxhibtE0ajJXhGfQc13QQ8Ht0xZY8ttXqRLO17nj8Ys2neQjSLhNL9Kfmhhm3zJOHaAfJc6AdBz63BtG2i\/E\/Rko2iCdoqAGhQBqORhBOA6D\/6LzL78hGmdDTI1Vj70kq3HjkHR53V5DAh8fArvT8r+vIQMUNALOTuVshboiVZ4Olxwit07SNU\/Kx+okqzwqyfZijOl2lwgNPStN2QUhN70FZrq5C11cOuS3J+l7wzPqiPa9kASnuQBu1UbqCiLBb7rNmeG2J0PuUkHQCTyMiIKh4ZsKdIigZ1JXiX7LA8Qdzc4ePwVn7A9jlmLjNnnKh3cfURlinHbIGvB2AIA="} 00866{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":34,"flow_packet_id":5,"flow_src_last_pkt_time":1657225159988000,"flow_dst_last_pkt_time":1657225159930000,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":303,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":303,"pkt_l4_len":269,"thread_ts_usec":1657225159988000,"pkt":"eJS0JASgYDjgxTWgCABFAAEhDK4AAH8RZE7AqAJkQhbErfQRw1QBDaE7kHiG8DwlxmMAAKzjvt4AAVDqqOFI+FyjRLR258prxZ6CTZjQ8Z0zDGc3GNtnfl8mVD2ziwIVUyB0a+9WA12GZHH5vS6w8+Hw+FKJ8iLvF9JmO0JsWaBwDC0A5iv4dZ\/JModWfrXIKQ79HLfh6+bj48FQjJmeYB\/nEq8JLRYdbdpHztsOXrxkNF8tgfAJV0BR1oejuBRoIgolimWQm7uFEGrPgcx5rKFboKMXqF\/4br8i1nh\/1TMr1lkkzj4Maqn+7sGV7zSDxiUs9N2bta04bqvrmvaf\/HPStEG29LiGzxlqYCW4bDLKWpEsTGkEZniRa9X65SRuTf7IHxiIaBVcg5LxdgCA"} +00979{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":8,"flow_first_seen":1657224979900000,"flow_src_last_pkt_time":1657224980585000,"flow_dst_last_pkt_time":1657224980595000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":276,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1122,"flow_dst_tot_l4_payload_len":1292,"midstream":0,"thread_ts_usec":1657225160168000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":49648,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00978{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657225039901000,"flow_src_last_pkt_time":1657225040816000,"flow_dst_last_pkt_time":1657225041016000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":2662,"midstream":0,"thread_ts_usec":1657225160168000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":54950,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00978{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":12,"flow_first_seen":1657225099902000,"flow_src_last_pkt_time":1657225101391000,"flow_dst_last_pkt_time":1657225101610000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":74,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":2892,"midstream":0,"thread_ts_usec":1657225160168000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":59240,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} -00979{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":8,"flow_first_seen":1657224979900000,"flow_src_last_pkt_time":1657224980585000,"flow_dst_last_pkt_time":1657224980595000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":276,"flow_dst_max_l4_payload_len":281,"flow_src_tot_l4_payload_len":1122,"flow_dst_tot_l4_payload_len":1292,"midstream":0,"thread_ts_usec":1657225160168000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":49648,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":1,"flow_first_seen":1657225159904000,"flow_src_last_pkt_time":1657225160168000,"flow_dst_last_pkt_time":1657225159930000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":288,"flow_dst_max_l4_payload_len":74,"flow_src_tot_l4_payload_len":1771,"flow_dst_tot_l4_payload_len":74,"midstream":0,"thread_ts_usec":1657225160168000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"66.22.196.173","src_port":62481,"dst_port":50004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Discord","proto_id":"58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}} 00851{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/discord.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":411,"packets-processed":411,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":80760,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":34,"total-detection-updates":2,"total-updates":57,"current-active-flows":0,"total-active-flows":34,"total-idle-flows":34,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":316,"global_ts_usec":1657225160168000} ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ @@ -322,8 +322,8 @@ ~~ total active/idle flows...: 34/34 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 6751659 bytes -~~ total memory freed........: 6751659 bytes +~~ total memory allocated....: 7005099 bytes +~~ total memory freed........: 7005099 bytes ~~ total allocations/frees...: 114923/114923 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json message min len.......: 516 chars |