aboutsummaryrefslogtreecommitdiff
path: root/test/results/default/kafka.pcapng.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/default/kafka.pcapng.out')
-rw-r--r--test/results/default/kafka.pcapng.out22
1 files changed, 11 insertions, 11 deletions
diff --git a/test/results/default/kafka.pcapng.out b/test/results/default/kafka.pcapng.out
index 9f04c5d12..b3057b9b9 100644
--- a/test/results/default/kafka.pcapng.out
+++ b/test/results/default/kafka.pcapng.out
@@ -1,21 +1,21 @@
-00563{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
-00787{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1681844706292198}
+00609{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
+00833{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1681844706292198}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681844706292198,"flow_src_last_pkt_time":1681844706292198,"flow_dst_last_pkt_time":1681844706292198,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1681844706292198,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":49280,"dst_port":9092,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1681844706292198,"flow_dst_last_pkt_time":1681844706292198,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":91,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":91,"pkt_l4_len":57,"thread_ts_usec":1681844706292198,"pkt":"+hY+WLcoABY+cE49CABFAABNF75AAEAGuGysEBFlrB4A7cCAI4TCbO0Rtom0OoAYAepqwAAAAQEICh9sM73hRtgfAAAAFQASAAAAAACBAAdyZGthZmthAAAAAA=="}
00924{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681844706292198,"flow_src_last_pkt_time":1681844706292198,"flow_dst_last_pkt_time":1681844706292198,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1681844706292198,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":49280,"dst_port":9092,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"Kafka","proto_id":"377","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}}
01011{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1681844706292198,"flow_dst_last_pkt_time":1681844706319485,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":416,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":416,"pkt_l4_len":382,"thread_ts_usec":1681844706319485,"pkt":"ABY+cE49+hY+WLcoCABFAAGStuRAAD0GGwGsHgDtrBARZSOEwIC2ibQ6wmztKoAYgAB26gAAAQEICuFG2DwfbDO9AAABWgAAAIEAAAAAADgAAAAAAAkAAQAAAAwAAgAAAAYAAwAAAAsABAAAAAUABQAAAAMABgAAAAcABwAAAAMACAAAAAgACQAAAAcACgAAAAMACwAAAAcADAAAAAQADQAAAAQADgAAAAUADwAAAAUAEAAAAAQAEQAAAAEAEgAAAAMAEwAAAAcAFAAAAAYAFQAAAAIAFgAAAAQAFwAAAAQAGAAAAAMAGQAAAAMAGgAAAAMAGwAAAAEAHAAAAAMAHQAAAAIAHgAAAAIAHwAAAAIAIAAAAAQAIQAAAAIAIgAAAAIAIwAAAAIAJAAAAAIAJQAAAAMAJgAAAAIAJwAAAAIAKAAAAAIAKQAAAAIAKgAAAAIAKwAAAAIALAAAAAEALQAAAAAALgAAAAAALwAAAAAAMAAAAAEAMQAAAAEAMgAAAAAAMwAAAAAAOAAAAAAAOQAAAAAAPAAAAAAAPQAAAAA="}
00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1681845006101184,"flow_dst_last_pkt_time":1681844706319485,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1681845006101184,"pkt":"+hY+WLcoABY+cE49CABFAABgF8BAAEAGuFesEBFlrB4A7cCAI4TCbO0qtom1mIAYAehq0wAAAQEICh9wxuDhRtg8AAAAKAADAAIAAACCAAdyZGthZmthAAAAAQARTEJfTUFJTl9MT0dfSU5QVVQ="}
00705{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1681845006101184,"flow_dst_last_pkt_time":1681845006128992,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":186,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":186,"pkt_l4_len":152,"thread_ts_usec":1681845006128992,"pkt":"ABY+cE49+hY+WLcoCABFAACstuZAAD0GG+WsHgDtrBARZSOEwIC2ibWYwmztVoAYgACshwAAAQEICuFLa10fcMbgAAAAdAAAAIIAAAABAAAD6QAMMTcyLjMwLjAuMjM3AAAjhP\/\/ABZRNU5OaVhQZlIycVRBb0Y1aTczSlBnAAAD6QAAAAEAAAARTEJfTUFJTl9MT0dfSU5QVVQAAAAAAQAAAAAAAAAAA+kAAAABAAAD6QAAAAEAAAPp"}
-00789{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","packets-captured":5,"packets-processed":4,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":539,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":9,"global_ts_usec":1681845606130644}
+00835{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":5,"packets-processed":4,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":539,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":9,"global_ts_usec":1681845606130644}
00705{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1681845006101184,"flow_dst_last_pkt_time":1681845606130644,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":186,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":186,"pkt_l4_len":152,"thread_ts_usec":1681845606130644,"pkt":"ABY+cE49+hY+WLcoCABFAACstuhAAD0GG+OsHgDtrBARZSOEwIC2ibYQwmztgoAYgABcSAAAAQEICuFUkx8fee6mAAAAdAAAAIMAAAABAAAD6QAMMTcyLjMwLjAuMjM3AAAjhP\/\/ABZRNU5OaVhQZlIycVRBb0Y1aTczSlBnAAAD6QAAAAEAAAARTEJfTUFJTl9MT0dfSU5QVVQAAAAAAQAAAAAAAAAAA+kAAAABAAAD6QAAAAEAAAPp"}
-00790{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","packets-captured":6,"packets-processed":5,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":659,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":11,"global_ts_usec":1681849206507695}
+00836{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":6,"packets-processed":5,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":659,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":11,"global_ts_usec":1681849206507695}
00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681849206507695,"flow_src_last_pkt_time":1681849206507695,"flow_dst_last_pkt_time":1681849206507695,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":350,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":350,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":350,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1681849206507695,"l3_proto":"ip4","src_ip":"172.30.0.237","dst_ip":"172.16.17.101","src_port":9092,"dst_port":58052,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
01012{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1681849206507695,"flow_dst_last_pkt_time":1681849206507695,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":416,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":416,"pkt_l4_len":382,"thread_ts_usec":1681849206507695,"pkt":"ABY+cE49+hY+WLcoCABFAAGSoXxAAD0GMGmsHgDtrBARZSOE4sSUXCuwa5w4kYAYgAC0VAAAAQEICuGLgxkfsN6\/AAABWgAAAIwAAAAAADgAAAAAAAkAAQAAAAwAAgAAAAYAAwAAAAsABAAAAAUABQAAAAMABgAAAAcABwAAAAMACAAAAAgACQAAAAcACgAAAAMACwAAAAcADAAAAAQADQAAAAQADgAAAAUADwAAAAUAEAAAAAQAEQAAAAEAEgAAAAMAEwAAAAcAFAAAAAYAFQAAAAIAFgAAAAQAFwAAAAQAGAAAAAMAGQAAAAMAGgAAAAMAGwAAAAEAHAAAAAMAHQAAAAIAHgAAAAIAHwAAAAIAIAAAAAQAIQAAAAIAIgAAAAIAIwAAAAIAJAAAAAIAJQAAAAMAJgAAAAIAJwAAAAIAKAAAAAIAKQAAAAIAKgAAAAIAKwAAAAIALAAAAAEALQAAAAAALgAAAAAALwAAAAAAMAAAAAEAMQAAAAEAMgAAAAAAMwAAAAAAOAAAAAAAOQAAAAAAPAAAAAAAPQAAAAA="}
00705{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1681849506130446,"flow_dst_last_pkt_time":1681849206507695,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":186,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":186,"pkt_l4_len":152,"thread_ts_usec":1681849506130446,"pkt":"ABY+cE49+hY+WLcoCABFAACsoX5AAD0GMU2sHgDtrBARZSOE4sSUXC0Oa5w4vYAYgADrYgAAAQEICuGQFYEftXEqAAAAdAAAAI0AAAABAAAD6QAMMTcyLjMwLjAuMjM3AAAjhP\/\/ABZRNU5OaVhQZlIycVRBb0Y1aTczSlBnAAAD6QAAAAEAAAARTEJfTUFJTl9MT0dfSU5QVVQAAAAAAQAAAAAAAAAAA+kAAAABAAAD6QAAAAEAAAPp"}
00603{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_src_last_pkt_time":1681849506130446,"flow_dst_last_pkt_time":1681849806180390,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1681849806180390,"pkt":"+hY+WLcoABY+cE49CABFAABg\/Z1AAEAG0nmsEBFlrB4A7eLEI4RrnDi9lFwthoAYAehq0wAAAQEICh+6BVvhkBWBAAAAKAADAAIAAACOAAdyZGthZmthAAAAAQARTEJfTUFJTl9MT0dfSU5QVVQ="}
00705{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":4,"flow_src_last_pkt_time":1681849806209304,"flow_dst_last_pkt_time":1681849806180390,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":186,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":186,"pkt_l4_len":152,"thread_ts_usec":1681849806209304,"pkt":"ABY+cE49+hY+WLcoCABFAACsoYBAAD0GMUusHgDtrBARZSOE4sSUXC2Ga5w46YAYgADCVQAAAQEICuGUqa8fugVbAAAAdAAAAI4AAAABAAAD6QAMMTcyLjMwLjAuMjM3AAAjhP\/\/ABZRNU5OaVhQZlIycVRBb0Y1aTczSlBnAAAD6QAAAAEAAAARTEJfTUFJTl9MT0dfSU5QVVQAAAAAAQAAAAAAAAAAA+kAAAABAAAD6QAAAAEAAAPp"}
00706{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":5,"flow_src_last_pkt_time":1681849806209304,"flow_dst_last_pkt_time":1681849806180390,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":186,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":186,"pkt_l4_len":152,"thread_ts_usec":1681849806209304,"pkt":"ABY+cE49+hY+WLcoCABFAACsoYBAAD0GMUusHgDtrBARZSOE4sSUXC2Ga5w46YAYgADCVQAAAQEICuGUqa8fugVbAAAAdAAAAI4AAAABAAAD6QAMMTcyLjMwLjAuMjM3AAAjhP\/\/ABZRNU5OaVhQZlIycVRBb0Y1aTczSlBnAAAD6QAAAAEAAAARTEJfTUFJTl9MT0dfSU5QVVQAAAAAAQAAAAAAAAAAA+kAAAABAAAD6QAAAAEAAAPp"}
-00794{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","packets-captured":11,"packets-processed":10,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1413,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":2,"total-active-flows":2,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":18,"global_ts_usec":1681858206109620}
+00840{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":11,"packets-processed":10,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1413,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":2,"total-active-flows":2,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":18,"global_ts_usec":1681858206109620}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681858206109620,"flow_src_last_pkt_time":1681858206109620,"flow_dst_last_pkt_time":1681858206109620,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":44,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":44,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":44,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1681858206109620,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":40042,"dst_port":9092,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00603{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1681858206109620,"flow_dst_last_pkt_time":1681858206109620,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1681858206109620,"pkt":"+hY+WLcoABY+cE49CABFAABgBT9AAEAGytisEBFlrB4A7ZxqI4Q9lP9C7RFkxIAYAehq0wAAAQEICiA6MeDiC6+6AAAAKAADAAIAAACkAAdyZGthZmthAAAAAQARTEJfTUFJTl9MT0dfSU5QVVQ="}
00925{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681858206109620,"flow_src_last_pkt_time":1681858206109620,"flow_dst_last_pkt_time":1681858206109620,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":44,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":44,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":44,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1681858206109620,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":40042,"dst_port":9092,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"Kafka","proto_id":"377","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}}
@@ -23,12 +23,12 @@
00968{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":3,"flow_first_seen":1681844706292198,"flow_src_last_pkt_time":1681845006101184,"flow_dst_last_pkt_time":1681845606130644,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":44,"flow_dst_max_l4_payload_len":350,"flow_src_tot_l4_payload_len":69,"flow_dst_tot_l4_payload_len":590,"midstream":1,"thread_ts_usec":1681858206137402,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":49280,"dst_port":9092,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Kafka","proto_id":"377","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}}
00939{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":1,"flow_first_seen":1681849206507695,"flow_src_last_pkt_time":1681849806209304,"flow_dst_last_pkt_time":1681849806180390,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":120,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":350,"flow_dst_max_l4_payload_len":44,"flow_src_tot_l4_payload_len":710,"flow_dst_tot_l4_payload_len":44,"midstream":1,"thread_ts_usec":1681858206137402,"l3_proto":"ip4","src_ip":"172.30.0.237","dst_ip":"172.16.17.101","src_port":9092,"dst_port":58052,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"Kafka","proto_id":"377","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}}
00784{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":1,"flow_first_seen":1681849206507695,"flow_src_last_pkt_time":1681849806209304,"flow_dst_last_pkt_time":1681849806180390,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":120,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":350,"flow_dst_max_l4_payload_len":44,"flow_src_tot_l4_payload_len":710,"flow_dst_tot_l4_payload_len":44,"midstream":1,"thread_ts_usec":1681858206137402,"l3_proto":"ip4","src_ip":"172.30.0.237","dst_ip":"172.16.17.101","src_port":9092,"dst_port":58052,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
-00794{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","packets-captured":13,"packets-processed":12,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1577,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":2,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":3,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":26,"global_ts_usec":1681860006461064}
+00840{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":13,"packets-processed":12,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1577,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":2,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":3,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":26,"global_ts_usec":1681860006461064}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681860006461064,"flow_src_last_pkt_time":1681860006461064,"flow_dst_last_pkt_time":1681860006461064,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1681860006461064,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":56556,"dst_port":9092,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00577{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":1681860006461064,"flow_dst_last_pkt_time":1681860006461064,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":91,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":91,"pkt_l4_len":57,"thread_ts_usec":1681860006461064,"pkt":"+hY+WLcoABY+cE49CABFAABN+I1AAEAG15ysEBFlrB4A7dzsI4Si6W0AVXZVa4AYAepqwAAAAQEICiBVqpDiME5qAAAAFQASAAAAAACoAAdyZGthZmthAAAAAA=="}
00925{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":13,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681860006461064,"flow_src_last_pkt_time":1681860006461064,"flow_dst_last_pkt_time":1681860006461064,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1681860006461064,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":56556,"dst_port":9092,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"Kafka","proto_id":"377","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}}
01012{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":14,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_src_last_pkt_time":1681860006461064,"flow_dst_last_pkt_time":1681860006489735,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":416,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":416,"pkt_l4_len":382,"thread_ts_usec":1681860006489735,"pkt":"ABY+cE49+hY+WLcoCABFAAGSQEpAAD0GkZusHgDtrBARZSOE3OxVdlVroultGYAYgADK3AAAAQEICuIwToggVaqQAAABWgAAAKgAAAAAADgAAAAAAAkAAQAAAAwAAgAAAAYAAwAAAAsABAAAAAUABQAAAAMABgAAAAcABwAAAAMACAAAAAgACQAAAAcACgAAAAMACwAAAAcADAAAAAQADQAAAAQADgAAAAUADwAAAAUAEAAAAAQAEQAAAAEAEgAAAAMAEwAAAAcAFAAAAAYAFQAAAAIAFgAAAAQAFwAAAAQAGAAAAAMAGQAAAAMAGgAAAAMAGwAAAAEAHAAAAAMAHQAAAAIAHgAAAAIAHwAAAAIAIAAAAAQAIQAAAAIAIgAAAAIAIwAAAAIAJAAAAAIAJQAAAAMAJgAAAAIAJwAAAAIAKAAAAAIAKQAAAAIAKgAAAAIAKwAAAAIALAAAAAEALQAAAAAALgAAAAAALwAAAAAAMAAAAAEAMQAAAAEAMgAAAAAAMwAAAAAAOAAAAAAAOQAAAAAAPAAAAAAAPQAAAAA="}
-00794{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":15,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","packets-captured":15,"packets-processed":14,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1952,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":3,"total-detection-updates":0,"total-updates":0,"current-active-flows":2,"total-active-flows":4,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":31,"global_ts_usec":1681878308076966}
+00840{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":15,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":15,"packets-processed":14,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1952,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":3,"total-detection-updates":0,"total-updates":0,"current-active-flows":2,"total-active-flows":4,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":31,"global_ts_usec":1681878308076966}
00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":15,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681878308076966,"flow_src_last_pkt_time":1681878308076966,"flow_dst_last_pkt_time":1681878308076966,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":448,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":448,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":448,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1681878308076966,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":38176,"dst_port":9092,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
01161{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_src_last_pkt_time":1681878308076966,"flow_dst_last_pkt_time":1681878308076966,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":514,"pkt_l4_len":480,"thread_ts_usec":1681878308076966,"pkt":"+hY+WLcoABY+cE49CABFAAH0JpZAAEAGp+2sEBFlrB4A7ZUgI4RBpO5PlVpho4AYAehsZwAAAQEICiFs7eTjR5EYAAABvAAAAAMAAAACAAdyZGthZmth\/\/8AAQAAE4gAAAABABFMQl9NQUlOX0xPR19JTlBVVAAAAAEAAAAAAAABgAAAAAAAAAAAAAABdAAAAAACQ2zQNQAAAAAAAAAAAYeXwlC4AAABh5fCULj\/\/\/\/\/\/\/\/\/\/wAA\/\/\/\/\/wAAAAGCBQAAAAH0BHsidGltZXN0YW1wIjoiMTY4MTg3ODMwNyIsInJlY2VpdmVkIjoiMTY4MTg3ODMwNyIsIm1lc3NhZ2UiOiJBcHIgMTkgMDY6MjU6MDcgcnN5c2xvZ2Q6ICBbb3JpZ2luIHNvZnR3YXJlPVwicnN5c2xvZ2RcIiBzd1ZlcnNpb249XCI4LjMyLjBcIiB4LXBpZD1cIjE5OVwiIHgtaW5mbz1cImh0dHA6Ly93d3cucnN5c2xvZy5jb21cIl0gcnN5c2xvZ2Qgd2FzIEhVUGVkIiwiaG9zdCI6ImxvZy1jb2xsZWN0b3IiLCJzZXZlcml0eSI6ImluZm8iLCJmYWNpbGl0eSI6InN5c2xvZyIsInByb2dyYW1uYW1lIjoicnN5c2xvZ2QiLCJ0YWciOiJyc3lzbG9nZDoifQ0KAA=="}
00928{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":15,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681878308076966,"flow_src_last_pkt_time":1681878308076966,"flow_dst_last_pkt_time":1681878308076966,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":448,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":448,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":448,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1681878308076966,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":38176,"dst_port":9092,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"Kafka","proto_id":"377","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}}
@@ -41,15 +41,15 @@
00637{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":20,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":5,"flow_src_last_pkt_time":1681878308632420,"flow_dst_last_pkt_time":1681878308660971,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":127,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":127,"pkt_l4_len":93,"thread_ts_usec":1681878308660971,"pkt":"ABY+cE49+hY+WLcoCABFAABxeTpAAD0GWcysHgDtrBARZSOElSCVWmHgQaTxjIAYhDCRegAAAQEICuNHk2EhbPAQAAAAOQAAAAMAAAABABFMQl9NQUlOX0xPR19JTlBVVAAAAAEAAAAAAAAAAAAAAKs8Iv\/\/\/\/\/\/\/\/\/\/AAAAAA=="}
00968{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1681858206109620,"flow_src_last_pkt_time":1681858206109620,"flow_dst_last_pkt_time":1681858206137402,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":44,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":44,"flow_dst_max_l4_payload_len":120,"flow_src_tot_l4_payload_len":44,"flow_dst_tot_l4_payload_len":120,"midstream":1,"thread_ts_usec":1681878308660971,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":40042,"dst_port":9092,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Kafka","proto_id":"377","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}}
00968{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1681860006461064,"flow_src_last_pkt_time":1681860006461064,"flow_dst_last_pkt_time":1681860006489735,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":350,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":350,"midstream":1,"thread_ts_usec":1681878308660971,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":56556,"dst_port":9092,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Kafka","proto_id":"377","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}}
-00794{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","packets-captured":21,"packets-processed":20,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3328,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":5,"total-detection-updates":0,"total-updates":0,"current-active-flows":2,"total-active-flows":6,"total-idle-flows":4,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":44,"global_ts_usec":1681879208222000}
+00840{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":21,"packets-processed":20,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3328,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":5,"total-detection-updates":0,"total-updates":0,"current-active-flows":2,"total-active-flows":6,"total-idle-flows":4,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":44,"global_ts_usec":1681879208222000}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681879208222000,"flow_src_last_pkt_time":1681879208222000,"flow_dst_last_pkt_time":1681879208222000,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1681879208222000,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":58300,"dst_port":9092,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00577{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":7,"flow_packet_id":1,"flow_src_last_pkt_time":1681879208222000,"flow_dst_last_pkt_time":1681879208222000,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":91,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":91,"pkt_l4_len":57,"thread_ts_usec":1681879208222000,"pkt":"+hY+WLcoABY+cE49CABFAABN1nxAAEAG+a2sEBFlrB4A7eO8I4TXshQ4goGTkYAYAepqwAAAAQEICiF6qh3jVU1JAAAAFQASAAAAAAAEAAdyZGthZmthAAAAAA=="}
00925{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681879208222000,"flow_src_last_pkt_time":1681879208222000,"flow_dst_last_pkt_time":1681879208222000,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1681879208222000,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":58300,"dst_port":9092,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"Kafka","proto_id":"377","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}}
-00794{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","packets-captured":22,"packets-processed":21,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3353,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":6,"total-detection-updates":0,"total-updates":0,"current-active-flows":3,"total-active-flows":7,"total-idle-flows":4,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":48,"global_ts_usec":1681883408373461}
+00840{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":22,"packets-processed":21,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3353,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":6,"total-detection-updates":0,"total-updates":0,"current-active-flows":3,"total-active-flows":7,"total-idle-flows":4,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":48,"global_ts_usec":1681883408373461}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681883408373461,"flow_src_last_pkt_time":1681883408373461,"flow_dst_last_pkt_time":1681883408373461,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1681883408373461,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":53052,"dst_port":9092,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00577{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":8,"flow_packet_id":1,"flow_src_last_pkt_time":1681883408373461,"flow_dst_last_pkt_time":1681883408373461,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":91,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":91,"pkt_l4_len":57,"thread_ts_usec":1681883408373461,"pkt":"+hY+WLcoABY+cE49CABFAABNsmNAAEAGHcesEBFlrB4A7c88I4SykL7z5TL1+oAYAepqwAAAAQEICiG6wRvjlWQgAAAAFQASAAAAAAAPAAdyZGthZmthAAAAAA=="}
00925{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":22,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681883408373461,"flow_src_last_pkt_time":1681883408373461,"flow_dst_last_pkt_time":1681883408373461,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1681883408373461,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":53052,"dst_port":9092,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"Kafka","proto_id":"377","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}}
-00794{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","packets-captured":23,"packets-processed":22,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3378,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":7,"total-detection-updates":0,"total-updates":0,"current-active-flows":4,"total-active-flows":8,"total-idle-flows":4,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":52,"global_ts_usec":1703132756328165}
+00840{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":23,"packets-processed":22,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":3378,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":7,"total-detection-updates":0,"total-updates":0,"current-active-flows":4,"total-active-flows":8,"total-idle-flows":4,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":52,"global_ts_usec":1703132756328165}
00768{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1703132756328165,"flow_src_last_pkt_time":1703132756328165,"flow_dst_last_pkt_time":1703132756328165,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1703132756328165,"l3_proto":"ip4","src_ip":"127.0.0.1","dst_ip":"127.0.0.1","src_port":46136,"dst_port":9092,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":9,"flow_packet_id":1,"flow_src_last_pkt_time":1703132756328165,"flow_dst_last_pkt_time":1703132756328165,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1703132756328165,"pkt":"AAAAAAAAAAAAAAAACABFAAA8Eq5AAEAGKgx\/AAABfwAAAbQ4I4TC+vYrAAAAAKACQQD+MAAAAgT\/1wQCCApRp0SoAAAAAAEDAwA="}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":24,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":9,"flow_packet_id":2,"flow_src_last_pkt_time":1703132756328165,"flow_dst_last_pkt_time":1703132756328170,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1703132756328170,"pkt":"AAAAAAAAAAAAAAAACABFAAA8AABAAEAGPLp\/AAABfwAAASOEtDhFvmxLwvr2LKASyyD+MAAAAgT\/1wQCCApRp0SoUadEqAEDAwA="}
@@ -62,7 +62,7 @@
00964{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":39,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681878308632420,"flow_src_last_pkt_time":1681878308632420,"flow_dst_last_pkt_time":1681878308632420,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":44,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":44,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":44,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1703132763110994,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":53768,"dst_port":9092,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Kafka","proto_id":"377","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}}
00964{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":39,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681879208222000,"flow_src_last_pkt_time":1681879208222000,"flow_dst_last_pkt_time":1681879208222000,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":25,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1703132763110994,"l3_proto":"ip4","src_ip":"172.16.17.101","dst_ip":"172.30.0.237","src_port":58300,"dst_port":9092,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Kafka","proto_id":"377","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}}
00962{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":7,"flow_first_seen":1703132756328165,"flow_src_last_pkt_time":1703132769960435,"flow_dst_last_pkt_time":1703132769960418,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":140,"flow_dst_max_l4_payload_len":446,"flow_src_tot_l4_payload_len":307,"flow_dst_tot_l4_payload_len":660,"midstream":0,"thread_ts_usec":1703132769960435,"l3_proto":"ip4","src_ip":"127.0.0.1","dst_ip":"127.0.0.1","src_port":46136,"dst_port":9092,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Kafka","proto_id":"377","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":16,"category":"RPC"}}
-00796{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","packets-captured":41,"packets-processed":41,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":4345,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":8,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":9,"total-idle-flows":9,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":65,"global_ts_usec":1703132769960435}
+00842{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/kafka.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":41,"packets-processed":41,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":4345,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":8,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":9,"total-idle-flows":9,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":65,"global_ts_usec":1703132769960435}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 41/41
~~ skipped flows.............: 0
Powered by cgit, Themed by Ted Yin.